C2MS 1.1b1 RTF Avatar
  1. OMG Issue

C2MS11 — Message-level Security Credentials

Open Closed All
  • Key: C2MS11-22
  • Status: closed  
  • Source: Kratos RT Logic, Inc. ( Mr. Mike Anderson)
  • Summary:

    Justin Boss:
    A username or alternate security credential should be able to be provided with all C2MS requests (and possibly should be required)?

    Systems should not automatically trust remote clients and therefore a credential should be required with all messages. This would allow components to authorize and audit requests on a per-user/connection level.
  • Reported: C2MS 1.0 — Tue, 23 Jun 2020 03:38 GMT
  • Disposition: Transfered — C2MS 1.1b1
  • Disposition Summary:

    Part of a TBD Sister Spec

    Although it would be a good idea to have security info accompany the message, it really is part of a TBD Sister Spec. Perhaps a Message Envelope that interacts with the MW, rather than embedded within the C2MS message.
  • Updated: Mon, 16 Sep 2024 14:18 GMT