+1 On Fri, Apr 10, 2015 at 11:35 AM, Pamod Sylvester <[email protected]> wrote:
> +1 to make it mandatory to provide username/password. Otherwise we might > leave out a vulnerable system in hands. > > On Fri, Apr 10, 2015 at 11:30 AM, Akalanka Pagoda Arachchi < > [email protected]> wrote: > >> Hi all, >> >> We are planning to implement tenant support for MQTT in Message Broker >> 3.0.0. This requires a client to always provide a username and a password >> when connecting from a tenant. >> >> However, MQTT specification [1] states that security is non normative and >> therefore users can use the system with or without security. However, we're >> planning to make an exception in this case to make authentication mandatory >> for MQTT when connecting via a tenant. >> >> Thanks, >> Akalanka >> >> >> >> [1] - >> http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html#_Toc398718111 >> >> -- >> *Darshana Akalanka Pagoda Arachchi,* >> *Software Engineer* >> *078-4721791 <078-4721791>* >> > > > > -- > *Pamod Sylvester * > *Senior Software Engineer * > Integration Technologies Team, WSO2 Inc.; http://wso2.com > email: [email protected] cell: +94 77 7779495 > -- ============================ Srinath Perera, Ph.D. http://people.apache.org/~hemapani/ http://srinathsview.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
