Project

General

Profile

Actions

Architecture #6186

closed

Accept node based solely on their public key

Added by Benoît PECCATTE almost 10 years ago. Updated almost 7 years ago.

Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
Web - Config management
Effort required:
Name check:
Fix check:
Regression:

Description

Today we accept nodes using TOFU, where the first use is checked on a mix of their IP and their reverse dns.

We now have the public key of an agent declared in its inventory.
We should use this information and trust the agent based on this key.

We would then have a lot less problem related to agent refusal by the server.
And this would be more secure than the current setup.

Actions

Also available in: Atom PDF