Need to add authentication to MQTT #78
Comments
|
Hey folks, was lookin at this to see what's needed but there's no description. Looked a bit at options. There's bus authentication itself which should be used: Then using that bus, being authenticated to it, components might use something like JWT-rs265 tokens and certificates to sign them to authenticate to eachother via the bus. If implemented correctly (maybe my explanation is a bit poor), that should ensure only components with the right certificates (signed by the soarca-implementor themselves) can speak to eachother over an common authenticated channel. Does that sound about right or do you have different views on how it should work? Regards, ~Sebbie |
|
@r0c300 I think this is something we have to consider. JWT-rs265 tokens auth are currently not part of the Fin Protocol, however, this might be a good suggestion for SOARCA v1.2. |
No description provided.
The text was updated successfully, but these errors were encountered: