Security and Kea new ARM section

I propose a new section in the ARM about security and Kea with this plan:

privileged sockets for DHCP service
control channel using UNIX sockets
local use of the control agent
remote use of the control agent

There is no remote access to UNIX sockets as they are local objects. And of course if (when) we change the control agent function for instance putting the HTTP endpoint in servers this will have to be rewritten.

The document is being created here: https://gitlab.isc.org/isc-projects/kea/-/wikis/security.

Edited Dec 17, 2020 by Tomek Mrugalski

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information