You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add the MUNGE_OPT_ADDR_RESTRICTION context option to restrict credential decoding based on the origin IP address. While the local munged daemon prevents a credential from being replayed on that host, it does not protect against replay on a different host. This option would allow credential decoding to be restricted to a (presumably) unique IP address where a replay attack would be prevented by the local daemon.
This will require extending the credential format (#87).
This should support both IPv4 and IPv6 addresses (#21).
The text was updated successfully, but these errors were encountered:
Add the
MUNGE_OPT_ADDR_RESTRICTIONcontext option to restrict credential decoding based on the origin IP address. While the local munged daemon prevents a credential from being replayed on that host, it does not protect against replay on a different host. This option would allow credential decoding to be restricted to a (presumably) unique IP address where a replay attack would be prevented by the local daemon.This will require extending the credential format (#87).
This should support both IPv4 and IPv6 addresses (#21).
The text was updated successfully, but these errors were encountered: