Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feat] [Provider] Redis Cache to blacklist too many attempts of automatic client registrations #128

Open
peppelinux opened this issue Mar 13, 2022 · 0 comments
Open

[Feat] [Provider] Redis Cache to blacklist too many attempts of automatic client registrations #128

peppelinux opened this issue Mar 13, 2022 · 0 comments
Assignees
@peppelinux
Labels
enhancement New feature or request

Comments

@peppelinux
Copy link
Member

peppelinux commented Mar 13, 2022
edited
Loading

each failed trust chain evaluation MUST be stored in a Redist TTL counter
The requestor MUST be ignored, until the redis TTL expires, after a threshold of attempts (eg: 5)

this is a mitigation for a evil-subject that inject metadata discovery though automatic client registration using fake trust marks in its entity configuration
@peppelinux peppelinux added the enhancement New feature or request label Mar 13, 2022
@peppelinux peppelinux self-assigned this Mar 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@peppelinux peppelinux

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@peppelinux