Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support TLS on REST API #195

Open
michaelweiser opened this issue Jan 12, 2022 · 0 comments
Open

Support TLS on REST API #195

michaelweiser opened this issue Jan 12, 2022 · 0 comments
Assignees
@michaelweiser
Labels
enhancement security
Milestone
2.2

Comments

@michaelweiser
Copy link
Contributor

With #77 about to close due to our initial implementation of a REST API we should not forget that we still need some support for securing access to that API across machine boundaries. #147 tracks support for authenticating the client using passwords or API tokens. Here we should look at:

  • providing encryption of network traffic so Support client authentication #147's passwords or tokens do not leak
  • authentication of Peekaboo as a server (server certificate and CRL checking)
  • TLS-based client authentication in addition or instead of Support client authentication #147 (e.g. pre-shared keys (i.e. TLS-PSK) and TLS client certificates)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michaelweiser michaelweiser

Labels
enhancement security
Projects
None yet
Milestone
2.2
Development

No branches or pull requests
1 participant
@michaelweiser