
Trusted Proxy Client Configuration

Wesley Miaw edited this page Aug 19, 2014 · 1 revision

This configuration applies to client applications acting as a trusted proxy for other entities. The trusted proxy includes custom code and data to support its MSL configuration. The platform and execution environment are implicitly trusted by the client and server applications.

Entity Authentication

The trusted proxy entity authentication scheme will be used.

The proxy entity authentication scheme will be one of pre-shared keys, model group keys, or RSA.

User Authentication

All user authentication schemes will be supported. The exact scheme used will depend upon the desired sign-up and sign-in user experience.

Key Exchange

The JSON Web Encryption key ladder or JSON Web Key key ladder key exchange schemes will be used with the pre-shared keys and model group keys entity authentication schemes. The initial key exchange will use the pre-shared keys or model group keys wrapping key. Each subsequent key exchange will use the previously returned wrapping key.
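The ladder rule above, sketched in Go as an added example (not MSL project code): each exchange returns a new wrapping key wrapped under the one the previous exchange returned, so a client still holding only the pre-shared key cannot open a later rung. AES-GCM is an assumed stand-in for the JWE/JWK envelope, and `wrapKey`, `exchange` and the key value are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// wrapKey seals a key under kek, or opens a wrapped blob when open is true.
// AES-GCM is an assumed stand-in for the JWE/JWK envelope; names are hypothetical.
func wrapKey(kek, in []byte, open bool) ([]byte, error) {
	blk, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	g, _ := cipher.NewGCM(blk) // cannot fail: the AES block size is always 16
	if open {
		if len(in) < 12 { // 12 = standard GCM nonce length
			return nil, errors.New("wrapped blob too short")
		}
		return g.Open(nil, in[:12], in[12:], nil) // fails under the wrong key
	}
	nonce := make([]byte, 12)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, in, nil), nil // nonce || ciphertext || tag
}

// exchange is the server side of one rung: generate the next wrapping key and
// return it wrapped under the key the previous exchange returned.
func exchange(current []byte) (next, blob []byte, err error) {
	next = make([]byte, 16)
	if _, err = rand.Read(next); err == nil {
		blob, err = wrapKey(current, next, false)
	}
	return next, blob, err
}

func main() {
	psk := []byte("constructed--psk")     // constructed 16-byte pre-shared wrapping key
	_, blob1, _ := exchange(psk)          // initial exchange: wrapped under the PSK
	k1, _ := wrapKey(psk, blob1, true)    // client now holds the returned wrapping key
	_, blob2, _ := exchange(k1)           // next exchange: wrapped under that key
	_, stale := wrapKey(psk, blob2, true) // client that kept only the PSK
	k2, err := wrapKey(k1, blob2, true)   // client that stored the returned key
	fmt.Println("rung 2 key bytes:", len(k2), "err:", err, "| stale client:", stale)
}
```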

The asymmetric wrapped or Diffie-Hellman key exchange schemes will be used with the RSA entity authentication scheme.
