Episode 119 - GluuFederation/identerati-office-hours GitHub Wiki

Title:

• Host: Mike Schwartz, Founder/CEO Gluu

• Guest: Mark Nottingham, Member Internet Architecture Board at IETF

• Linkedin Event

• Youtube Video

Description

Cloudflare asserts that "Existing bot verification mechanisms are broken"! They have introduced two IETF drafts-- HTTP message signatures and request mTLS – for friendly bots to authenticate themselves, and for customer origins to identify them. Join us for a discussion of how this could help secure bot communication!

Homework

• Forget IPs: using cryptography to verify bot and agent traffic
• HTTP Message Signatures for automated traffic Architecture
• IETF Draft TLS Flag - Request mTLS

Takeaways

TBD

Livestream Audio Archive

Will be Here