Re: [VOTE] access control for dynamic hosts

2016-03-09 Thread fabien



I'm proposing to commit the patch if I'm given a go.


Currently 2 votes:

+1: Mario Brandt, Yann Ylavic

--
Fabien.


Re: [VOTE] access control for dynamic hosts

2016-03-09 Thread Yann Ylavic
Hi Fabien,

On Wed, Mar 9, 2016 at 5:44 PM,   wrote:
>
> Currently 2 votes:
>
> +1: Mario Brandt, Yann Ylavic

I think you can go ahead, trunk is in CTR (Commit Then Review) mode.
You may have more feedback when done...

Regards,
Yann.


Re: [VOTE] access control for dynamic hosts

2016-03-09 Thread fabien


Hello Yann,


> +1: Mario Brandt, Yann Ylavic
>
> I think you can go ahead, trunk is in CTR (Commit Then Review) mode.


Ok, I'll do a last check and commit soon.

--
Fabien.


Re: [VOTE] access control for dynamic hosts

2016-03-10 Thread Fabien



> Currently 2 votes:
>
> +1: Mario Brandt, Yann Ylavic
>
> I think you can go ahead, trunk is in CTR (Commit Then Review) mode.


I just committed the changes as r1734412:

https://svn.apache.org/viewvc?view=revision&revision=1734412

--
Fabien.


Re: [VOTE] access control for dynamic hosts

2016-03-23 Thread fabien


Hello Yann,


> ylavic: I would have liked more (doc) emphasis on the lower security of
>   "Require forward-dns" vs "Require host"'s double DNS lookup


How about adding something like:

From a security perspective, getting access to a protected page is somehow 
easier with "forward-dns" because the attacker needs only to control the 
DNS for the domain, while they would also need to control the reverse DNS 
with "host".  Now, if you have important confidential data, they would not 
be only protected by host-based authorizations, would they?


--
Fabien.


Re: [VOTE] access control for dynamic hosts

2016-03-24 Thread Yann Ylavic
Hi Fabien,

On Wed, Mar 23, 2016 at 6:12 PM,   wrote:
>
> How about adding something like:
>
> From a security perspective, getting access to a protected page is somehow
> easier with "forward-dns" because the attacker needs only to control the DNS
> for the domain, while they would also need to control the reverse DNS with
> "host". Now, if you have important confidential data, they would not be
> only protected by host-based authorizations, would they?

I guess this question is for me, not the doc :)
Right, host-based is not the state of the art of authorizations, that
could also be documented for both "forward-dns" and "host"... maybe
without asking for an agreement from the reader? ;)

But reverse DNS is actually also easier to control than forward
anyway, so in both cases it really boils down to controlling the
configured host's domain (or the DNS/resolver used by the server).

So, finally, mentioning that *any* ip/host-based authz should be
combined with other authz/authn (SSL certificates, credentials
schemes, ...) for stronger requirements may be the way to go.
Or maybe simply not change the doc since all this might be quite obvious...

Regards,
Yann.
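
The suggestion in the message above, that any ip/host-based authz be combined with other authz/authn, written out as an httpd configuration sketch. This is an added example, not part of the thread or of the httpd documentation; the host name, locations, realm and file path are placeholders.

```apache
# Host-based check on its own: access follows whatever address the
# configured name resolves to at request time, so the protection is only
# as strong as control over that DNS name (or the resolver httpd uses).
<Location "/reports-hostonly">
    Require forward-dns dynhost.example.org
</Location>

# Same host restriction, but the client must also authenticate.
# <RequireAll> succeeds only if every enclosed Require succeeds.
# Basic auth sends credentials with each request, so serve this over TLS.
<Location "/reports">
    AuthType Basic
    AuthName "Reports (placeholder realm)"
    AuthBasicProvider file
    AuthUserFile "/path/to/htpasswd.example"
    <RequireAll>
        Require forward-dns dynhost.example.org
        Require valid-user
    </RequireAll>
</Location>

# Variant with TLS client certificates instead of passwords.
# Assumes mod_ssl is loaded and the enclosing virtual host already sets
# SSLVerifyClient and the CA used to verify client certificates.
<Location "/reports-cert">
    <RequireAll>
        Require forward-dns dynhost.example.org
        Require ssl-verify-client
    </RequireAll>
</Location>
```

The same `<RequireAll>` wrapping applies unchanged if `Require forward-dns` is swapped for `Require host` or `Require ip`.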


Re: [VOTE] access control for dynamic hosts

2016-03-24 Thread fabien


Hello Yann,


> I guess this question is for me, not the doc :)


Yep!

> [...] So, finally, mentioning that *any* ip/host-based authz should be
> combined with other authz/authn (SSL certificates, credentials schemes,
> ...) for stronger requirements may be the way to go.


I agree that combining authz is the way to go, esp. with sensitive 
applications which are more and more hosted outside of organizations, or 
even provided as SaaS.


I'm not sure of a good place to discuss authorization policies in general 
in the documentation though.



> Or maybe simply not change the doc since all this might be quite obvious...


I would be fine with this solution :-)

--
Fabien.