Introduce resset Action permissions for KMS key ops. #34
Conversation
| ActionSign | ||
| ActionVerify | ||
| ActionEncrypt | ||
| ActionDecrypt |
There was a problem hiding this comment.
@btoews are you OK having this sort of KMS-specific detail in the macaroon library?
Would it be better to have some generic names here like "ActionOp1", "ActionOp2" and then in petsem authority define those names as "ActionSign", "ActionVerify"?
There was a problem hiding this comment.
I'd like to avoid adding KMS-specific values to this package, especially since we've only given ourselves 16 bits for Action. I couldn't put my finger on a better solution, so I spent some time experimenting. The best I came up with was to make ResourceSet take a second type parameter for the Action. This seems to work pretty cleanly. Let me know what you think #35 https://github.com/superfly/nomad-firecracker/pull/2667
There was a problem hiding this comment.
Another thing that works well with having a second, extended Action type is that it's more backwards compatible with existing macaroons. For Encrypt, for example, we can require ActionControl | ActionEncrypt. When checking the Apps caveat, we'll only look for the ActionControl part, but we'll look for ActionControl and ActionEncrypt when verifying Secrets or SecretTypes caveats.
|
merging your nmf changes into my nmf PR and dropping this PR. |
No description provided.