Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hinting hard #320

Open
kfox1111 opened this issue Jan 25, 2025 · 1 comment
Open

Hinting hard #320

kfox1111 opened this issue Jan 25, 2025 · 1 comment

Comments

@kfox1111
Copy link
Contributor

Was digging through an existing code trying to add a hint to it. Its twisty.

Seems like there are multiple ways of getting svids and don't have hint options.

For example, I traced through through to here, which hardcodes just grabbing the first one found:
https://github.com/spiffe/go-spiffe/blob/main/v2/workloadapi/client.go#L76
@kfox1111
Copy link
Contributor Author

Ok... I think part of the problem with this, is there are two ways to do hinting....

  1. getting all the svids, then filtering by the hint
  2. asking the agent for the svid with the hint.

The latter is arguably more secure, as you're not handling sensitive things you don't need, as well as performing slightly faster.

I don't see much support for 2 though in the library.

I think 1 is possible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kfox1111