Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server-specified IVORN-prefix-based whitelist #46

Open
timstaley opened this issue Nov 1, 2016 · 0 comments
Open

Server-specified IVORN-prefix-based whitelist #46

timstaley opened this issue Nov 1, 2016 · 0 comments
Labels
Wishlist Features

Comments

@timstaley
Copy link
Contributor

timstaley commented Nov 1, 2016
edited
Loading

[Wishlist item]
Something of a corollary to #32:
(Until such time as we're all submitting VOEvents with GPG fingerprints, and everyone is verifying packets received according to said fingerprints:)
It would be very handy to apply an ivorn-prefix matching component to remote-ip whitelisting, so e.g.
'Only relay events from remote broker @ 123.4.5.6 if their ivorn begins with the prefix ``ivo://foo.bar.acme/```
This would be a simple way of ensuring that remote brokers do not 'pollute' someone else's stream, either through human error or malicious intervention.

I can think of ways to implement this currently using multiple instances of Comet running on one machine (different ports), by applying filtering within the known-good local instances, but it gets a bit baroque.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Wishlist Features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jdswinbank @timstaley