Comment by doodaddy
2 days ago
Zero trust states that you don’t implicitly trust an entity even if they were previously authenticated. So is this a critique of zero trust? More productive might be to say that we shouldn’t blindly force reauth if our risk profile doesn’t warrant it - just like any security mechanism.
No comments yet
Contribute on Hacker News ↗