torus-cli icon indicating copy to clipboard operation
torus-cli copied to clipboard

Published 20 hours ago verified publisher icon manifoldco

Gatekeeper: Bootstrap over SSL

Open enmand opened this issue 7 years ago • 0 comments

Currently, all bootstrapping communication is done over a normal HTTP connection, however machine token ID and secret are shared back to the machine that is being bootstrapped. An evesdropper in your network could MITM to retrieve this information, and once the machine was given access, a malicious user could act as that machine.

enmand avatar May 27 '17 23:05 enmand