Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow message to be verified #48

Open
alexellis opened this issue Jan 5, 2019 · 3 comments
Open

Allow message to be verified #48

alexellis opened this issue Jan 5, 2019 · 3 comments
Assignees
@ewilde
Labels
design/review

Comments

@alexellis
Copy link
Member

alexellis commented Jan 5, 2019
edited
Loading

Feature: Non-repudiation for queue-worker callbacks

Suggested by: Ed Wilde @ewilde

We can use HMAC or RSA and HMAC together to sign messages when we use the X-Callback-Url. This means that receivers of the callback messages can verify the sender as the queue worker vs. some bad actor that discovered the URL.
@alexellis
Copy link
Member Author

Via @ewilde https://tools.ietf.org/html/draft-cavage-http-signatures-05

This was referenced Feb 23, 2019
Open
Open
@ewilde
Copy link
Contributor

ewilde commented Feb 24, 2019
edited
Loading

I've created a conceptual diagram for the http signatures flow: diagram

ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Feb 24, 2019
@ewilde
Adds http signatures to callbacks
bc75625 
Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
@ewilde ewilde mentioned this issue Feb 24, 2019
Closed
20 tasks
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Feb 24, 2019
@ewilde
Adds http signatures to callbacks
dbf3ef4 
Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Feb 24, 2019
@ewilde
Adds http signatures to callbacks
e1f0304 
Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Feb 24, 2019
@ewilde
Adds http signatures to callbacks
2326069 
Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
@ewilde
Copy link
Contributor

ewilde commented Feb 24, 2019

Derek assign: ewilde

@derek derek bot assigned ewilde Feb 24, 2019
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Mar 15, 2019
@ewilde
Adds http signatures to callbacks
c989f82 
    Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Mar 15, 2019
@ewilde
Adds http signatures to callbacks
06deb79 
    Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
ewilde added a commit to ewilde/nats-queue-worker that referenced this issue Mar 17, 2019
@ewilde
Adds http signatures to callbacks
b9c6ba3 
Resolves openfaas#48

Signed-off-by: Edward Wilde <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ewilde ewilde

Labels
design/review
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adds http signatures to callbacks ewilde/nats-queue-worker
2 participants
@ewilde @alexellis