Skip to content

Commit

Permalink
Adding language regarding the TLS certificates
Browse files Browse the repository at this point in the history
  • Loading branch information
@arschles
arschles committed Feb 8, 2018
1 parent 99c458a commit 2619553
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions spec.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,9 +170,12 @@ specification. Please see the
for details on these mechanisms.

If authentication is used, the Service Broker MUST authenticate the request
using the predetermined authentication mechanism, securing communications
via TLS, and MUST return a `401 Unauthorized` response if the authentication
fails.
using the predetermined authentication mechanism, and MUST return a `401 Unauthorized`
response if the authentication fails.

Additionally, the Service Broker MUST secure communucations with TLS. The Platform
and Service Broker SHOULD agree whether the Service Broker should use a root-signed
certificate or a self-signed certificate.

Note: Using an authentication mechanism that is agreed to via out of band
communications could lead to interoperability issues with other Platforms.
Expand Down

0 comments on commit 2619553

Please sign in to comment.