SDL 0207 - RPC message protection
Closed this issue · 1 comments
Proposal: SDL 0207 - RPC message protection
This proposal proposes a design to protect (enable encryption for) RPC messages transmitted between a mobile application and the SDL.
smartdevicelink/sdl_evolution#634
Steering Committee Decision:
The Steering Committee voted to accept this proposal with revisions. The revisions will include adding a flag in the policy table per app that describes if they are required to comply with the encryption or not as noted in this comment.
There was additional discussion in regards to whether or not this encryption will be used in core from the policy table, essentially authentication and validation or if this flag needs to be passed from core into the proxies. It was determined that it is almost inferred by the proxies if they get an on-permission change with the new RPCs that are delegating they need to be encrypted and the app itself would need encryption, so core should send the on-permission changes to an app in regards to the RPC encryptions unless that app requires an encryption.
Revisions were made on 2.19.19
Closed via #158