-
Notifications
You must be signed in to change notification settings - Fork 51
Roadmap
This is a rough plan what we intend to do for the next larger releases.
Current state as of writing this: 0.3.1 is out https://github.com/eclipse/kuksa.val/releases/tag/0.3.1
What: Security and authorisation in databroker
Why: Almost all deployments will have security goals, and currently databroker supports none. The main goals security here are: Confidentiality: Having an encrypted connection as interaction with databroker might be over any kind of network in the car. Also as not every kuksa.val client will be allowed to perform all operations in all parts of the data model, authorisation is needed.
When: Q3/2023
Content:
- Enabling TLS in databroker
- Supporting JWT tokens for authorisation based on an extended version of https://github.com/eclipse/kuksa.val/blob/master/doc/KUKSA.val_server/jwt.md
- will be extended to reflect differing access to "target" vs "current" values
- more fine-grained control over the right to change metadata/extending the tree
What: The return of VISS: Bringing basic VISSv2 support to KUKSA databroker
Why: For some use cases VISS is an easier choice than GRPC (e.g. wiping up some quick webinterface). This also brings us to feature parity with val-server allowing us to finally deprecate it
When: Q3,Q4/2023