Context
docs/trusted-match/router-architecture.mdx describes the TMP Router as infrastructure between publishers and buyer agents, exposing POST /tmp/context and POST /tmp/identity. The router:
- Signs outbound requests to providers with Ed25519 (spec'd in detail).
- Verifies inbound requests from providers.
But the inbound publisher → router hop has no auth story:
- The sample deployment YAML in the doc shows
listen: :8443 + TLS cert/key, but no auth block.
- The spec text does not say whether a router MUST authenticate its callers, and if so how.
- The "Provider registration security" section covers provider-side keys but not publisher-side callers.
Options a reference implementation has to pick from
- Leave it to operator ingress. The router accepts anything from
127.0.0.1; operators put mTLS/JWT/HMAC at their load balancer. Doc this explicitly and add X-Forwarded-* handling guidance.
- Mandate mTLS on the router itself. Publisher client cert verified against a configured CA. Consistent with how providers verify router signatures.
- Bearer token / shared secret. Simple, common; needs rotation guidance.
- HMAC-signed publisher requests. Symmetric to the router→provider Ed25519 story; overkill if publishers share the router deployment.
Ask
Please pin down in the spec:
- Whether publisher→router auth is REQUIRED, RECOMMENDED, or "deployment-specific" (and if the last, add explicit ingress-termination guidance).
- If required/recommended, which mechanism(s) MUST/SHOULD be supported by conforming router implementations.
- Whether the router MUST enforce origin binding (e.g. reject a call from publisher X carrying credentials scoped to publisher Y).
A reference implementation (adcp-go) is about to publish a community image and needs to know what to build in vs what to delegate to the ingress layer.
Context
docs/trusted-match/router-architecture.mdxdescribes the TMP Router as infrastructure between publishers and buyer agents, exposingPOST /tmp/contextandPOST /tmp/identity. The router:But the inbound publisher → router hop has no auth story:
listen: :8443+ TLS cert/key, but noauthblock.Options a reference implementation has to pick from
127.0.0.1; operators put mTLS/JWT/HMAC at their load balancer. Doc this explicitly and addX-Forwarded-*handling guidance.Ask
Please pin down in the spec:
A reference implementation (
adcp-go) is about to publish a community image and needs to know what to build in vs what to delegate to the ingress layer.