Specify a way to enable some form of security

cdevents / spec

A common specification for Continuous Delivery events

Apache License 2.0

125 stars 22 forks source link

Specify a way to enable some form of security #153

Open xibz opened 11 months ago

xibz commented 11 months ago

The ideal goal is to have a single event bus that handles all CDEvents. However, when a service team is to deploy something, other consumers may not have disclosures on that particular item/feature/event. Due to this, we need some way of allowing for producers to target specific consumers.

It isn't clear what this looks like yet, and this may not even be the right repo depending on the discussion.

Further we need a way of identifying a sender, whether that is done by signing events or what

e-backmark-ericsson commented 11 months ago

What event (types) should reach what consumers should not be up to the protocol/spec to decide. It is more of an event infrastructure deployment/config setting. In RabbitMQ for example, this would be handled by setting different binding keys (federations) between different instances of message buses. Events produced on one message bus instance would or would not be available in a connected message bus instance, depending on what federation rules (binding keys) are defined between them.

xibz commented 11 months ago

be up to the protocol/spec to decide

Agreed. That's why I mention that this is probably the wrong repo, but I want to open discussions for this, because this is going to be something every company/team/person would need to think about.

It is more of an event infrastructure deployment/config setting

Right, but the idea is how would a team go about solving that. I think having some ideas or designs that people could follow would be most helpful and if we can provide a library or something that makes authentication/authorization/identity easier, then we should, because security can be easily overlooked, and if some company ends up with a bad design, then that is going to be a horrible experience.

e-backmark-ericsson commented 11 months ago

I agree. There are ideas in CDF on creating a reference architecture, and this discussion could partly be detailed there. But the specifics of identifying senders and such might also affect the CDEvents protocol spec itself, so I won't say this issue is completely wrongly placed in this repo. The CDF reference architecture is expected to be driven by SIG Interoperability. Possibly through this issue: https://github.com/cdfoundation/toc/issues/170. One way to progress this would be to join the SIG Interoperability meetings, documented here: https://hackmd.io/HuufSDMaTPyb3qxkyBKg3A