-
Notifications
You must be signed in to change notification settings - Fork 78
Crypto Failure Log Messages
wmiaw edited this page Oct 3, 2014
·
1 revision
There may be situations where crypto operations fail and client data would be useful to help diagnose and resolve the issue. In this case the client may send diagnostic data or log messages to the server along with the (potentially unauthenticated) entity identity. The server will respond acknowledging receipt.
The client must take care to ensure no confidential or sensitive user-identifying or user-related data is included in message.
This communication occurs between a trusted services network client and server.
Security Property | API Return Value | Reason |
---|---|---|
Encryption Required | false | Crypto operations are not available. |
Integrity Protection Required | false | Crypto operations are not available. |
Non-Replayable Required | false | The data will be sent in the clear without integrity-protection, and thus can be easily extracted for reuse. |
Service Tokens Expected | false | The response will not include any service tokens. |
User Associated | null null |
The request is not associated with a user. |
Security Property | API Return Value | Reason |
---|---|---|
Encryption Required | false | No confidential data will be returned. |
Integrity Protection Required | false | The client is unable to perform crypto operations and therefore unable to verify the server identity. |
Non-Replayable Required | false | Responses are always non-replayable. |
Service Tokens Expected | false | The response is the last communication for this MSL transaction. Therefore no service tokens are expected in response to the response. |
User Associated | null null |
The trusted services response is not associated with a user. |
A Netflix Original Production
Tech Blog | Twitter @NetflixOSS | Jobs
- Introduction
- Encoding & Normalization
- Cryptography
- Versioning
- MSL Networks
- Entity Authentication
- User Authentication
- Key Exchange
- Service Tokens
- Messages
- Error Messages
- Application Security Requirements
- Protocol Implementation
- Configuration Guide