| ▲ | tptacek 5 hours ago | |||||||
It's exactly the tokenizer, but we shoplifted the idea too; it belongs to the world! (The credential thing I'm actually proud of is non-exfiltratable machine-bound Macaroons). Remember that the security promises of this scheme depend on tight control over not only what hosts you'll send requests to, but what parts of the requests themselves. | ||||||||
| ▲ | orf an hour ago | parent | next [-] | |||||||
How does this work with more complex authentication schemes, like AWS? | ||||||||
| ▲ | svieira 4 hours ago | parent | prev [-] | |||||||
Did the machine-bound Macaroons ever get written up publicly or is that proprietary? | ||||||||
| ||||||||