ziti-tunnel-sdk-c icon indicating copy to clipboard operation
ziti-tunnel-sdk-c copied to clipboard

Published 20 hours ago verified publisher icon openziti

dial-only setting

Open dovholuknf opened this issue 2 years ago • 4 comments

Currently devices are able to be set into 'host-only' mode which is great for a server, but client devices need to be able to control which services they are allowed to 'host' as well. As a user, I want to be able to specify which services I specifically allow to be hosted. Initial implementation could start as an "all or nothing"/binary option, but eventually I could see a need/desire for fine-grained, dynamic control over which services my client could bind, allowing me to override the controller.

dovholuknf avatar May 15 '23 11:05 dovholuknf

This strikes me as critically important for adoption by the administrator of the device and network where the hosting tunneler is installed. In short, that administrator is not necessarily the same party that controls Ziti, and so there's no expectation that the device and network admin trusts the Ziti admin to only host friendly services for friendly Ziti clients.

qrkourier avatar May 15 '23 13:05 qrkourier

possibly specify/enable this with an identity attribute e.g. secureTunneler

scareything avatar Jun 13 '24 14:06 scareything