Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow invalidate of previous credentials for a user AS #323

Open
juagargi opened this issue Nov 11, 2020 · 1 comment
Open

Allow invalidate of previous credentials for a user AS #323

juagargi opened this issue Nov 11, 2020 · 1 comment
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@juagargi
Copy link
Member

Once a user AS is configured, we obtain a host id and secret that will be valid for the existence of this AS, as well as a VPN client certificate.
It maybe useful to be able to invalidate them for some reasons:

  • The credentials are used somewhere else, and we want to invalidate other "usages" but this.
  • The credentials were compromised.

This by itself is not enough to avoid the user AS to connect to the AP.
Ideally we would be able to prevent existing user ASes configured before selecting "Invalidate Previous Credentials" from even connecting to the AP.
@juagargi juagargi added enhancement New feature or request help wanted Extra attention is needed labels Nov 11, 2020
@FR4NK-W
Copy link
Contributor

FR4NK-W commented Nov 12, 2020

"Invalidating" an AS is done by deleting it from the coordinator (and creating a new one if needed)
Otherwise revocation needs to be done properly.

@juagargi juagargi mentioned this issue Sep 3, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@juagargi @FR4NK-W