yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

notes/cisco_org_level_entities.org

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2022-05-02 17:16:11 +02:00
parent 1be981cb60
commit e63b0bcb52
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
notes/cisco_org_level_entities.org
View file

@ -16,4 +16,16 @@ Goal of the epic:
The goal of this Epic is to handle the case where the creator of a client
leave the company.
We still wish to keep the client working.
This
So here are a few things to consider:
1. The client secret is only known by its owner when delivered.
Then this secret should also be used by the client code.
So other people working with the client's owner should probably be able
to get that password.
But when the owner leave the company, knowing the secret might have some
security concern. So ideally, the client secret should be updated on
both end (inside IROH and in the Client program).
Actionable: Add a change client secret endpoint.
2.