Credentials/auth for client connection #3
Comments
|
TLS was added in 5d3fbe9 although only basic (self-signed cert). Auth still open. |
|
I will be working on this one next. I'm thinking at something similar to https://github.com/bitcoin/bitcoin/blob/master/doc/JSON-RPC-interface.md#security reusing/adapting As far as I see it, authentication would be applied to both daemon and wallet RPC. |
Interesting idea to connect these. Look forward to it. At some point there was code to do this with self-signed certs, I'm not sure if it's still functional, because I think there were only a couple of people using it, based on the idea of having jmdaemon on a remove (virtual) machine. |
Also, encryption/TLS. Not sure of the right approach here; it looks like it's fairly easy to add credentials to the AMP connection. The connection is currently hardcoded to localhost, but clearly it would be either nice or essential to add security to this inter process communication, depending on how you look at it.
The text was updated successfully, but these errors were encountered: