Feature: Remove built-in Authn/z from RSTUF
kairoaraujo opened this issue · comments
What is the feature about?
It was introduced in the prototype of RSTUF API.
This feature allows users to deploy RSTUF and use the authentication and authorization based on scopes for the RSTUF API.
This is to discuss about removing this feature.
We already recommend our users use some external API authentication and authorization if it needs to be public.
Use case example:
For example, in cases of RubyGems or PyPI, the API for managing artifacts should be accessible only for the Distribution Platforms.
The APIs for management (update metadata, signing, etc.) should have an authen/z based on their governance policies/RBAC. That can be achieved by creating an interface on their platform, remote access using VPN, API Gateway using their SSO authentication, etc.
IMHO this feature:
- Is out of scope of RSTUF (TUF)
- It brings more risk than values
- Depending on the bug, it can be very dangerous for our users
It has already brought a lot of problems as I can list
- repository-service-tuf/repository-service-tuf-cli#397
- repository-service-tuf/repository-service-tuf-cli#259
- repository-service-tuf/repository-service-tuf-api#175
- repository-service-tuf/repository-service-tuf-api#264
- repository-service-tuf/repository-service-tuf-api#318
- repository-service-tuf/repository-service-tuf-api#324
...
Services it relates to
repository-service-for-tuf-cli, repository-service-for-tuf-api
Related tasks
No response
References
No response
Code of Conduct
- I agree to follow this project's Code of Conduct
TODO:
- repository-service-tuf/repository-service-tuf-cli#406
- repository-service-tuf/repository-service-tuf-api#460
- #495
- remove all issues related to authentication and authorization
- remove all prs related to authentication and authorization
I'm closing this issue.