[openscreenprotocol] [Security] Consider making auth-initiation-token mandatory. (#185) from Mark Foltz \(Google\) via GitHub on 2019-08-14 (public-webscreens@w3.org from August 2019)

From: Mark Foltz \(Google\) via GitHub <sysbot+gh@w3.org>
Date: Wed, 14 Aug 2019 21:56:00 +0000
To: public-webscreens@w3.org
Message-ID: <issues.opened-480906713-1565819758-sysbot+gh@w3.org>

mfoltzgoogle has just created a new issue for https://github.com/webscreens/openscreenprotocol:

== [Security] Consider making auth-initiation-token mandatory. ==
We recommend agents use a token to hand out consent to participate in PSK authentication.

Should we make it mandatory?

What are the implications for agents outside the LAN (how would they get the token)?

Ref: https://github.com/webscreens/openscreenprotocol/pull/182#discussion_r314099812

Please view or discuss this issue at https://github.com/webscreens/openscreenprotocol/issues/185 using your GitHub account

Received on Wednesday, 14 August 2019 21:56:01 UTC