Ryan Fisher on Nostr: gme 🇺🇸🇺🇦🏳️⚧️🏳️🌈 it's not live yet, but yes I'm ...
gme 🇺🇸🇺🇦🏳️⚧️🏳️🌈 (npub12gf…p35w) it's not live yet, but yes I'm going to lockdown access to only the Intune endpoints and it can access the CA for issuing. My understanding is the securing of local SCEP endpoints (which SCEP doesn't support) is addressed with the Intune plugin which adds additional authorization using Azure crypto exchange outside of the SCEP protocol.
Are there other protections I should put on those endpoints?
Published at
2023-06-05 00:21:29Event JSON
{
"id": "d163c3ff56287deca397980a49c9b489ad6b13e60e4b5b7b7ab900dfd643a4e6",
"pubkey": "8ce245fb2e650783cbe4b671c3079fb8ecba288d9abf5957dca7afc54402e786",
"created_at": 1685924489,
"kind": 1,
"tags": [
[
"p",
"5213d99181068382f94d0f960ef71640c31bbb357b2111c0f6a505c9df7e81c3",
"wss://relay.mostr.pub"
],
[
"e",
"6e597a0de801d7fd447ad81991c1afda941d9f6bac5a80b6381fd18d23ad8d20",
"wss://relay.mostr.pub",
"reply"
],
[
"mostr",
"https://infosec.exchange/users/wryanfisher/statuses/110488747359052141"
]
],
"content": "nostr:npub12gfanyvpq6pc972dp7tqaackgrp3hwe40vs3rs8k55zunhm7s8pszap35w it's not live yet, but yes I'm going to lockdown access to only the Intune endpoints and it can access the CA for issuing. My understanding is the securing of local SCEP endpoints (which SCEP doesn't support) is addressed with the Intune plugin which adds additional authorization using Azure crypto exchange outside of the SCEP protocol.\n\nAre there other protections I should put on those endpoints?",
"sig": "cb11348731ccba2687003d147960c2bc8c714edbdb52b7784e1eb91ca7339640ca5a2aba3d1e4f7a0282727950c6d6c668b385cee56d320f2a2a69e18ef30e27"
}
