Comment by doodaddy

2 days ago

Zero trust states that you don’t implicitly trust an entity even if they were previously authenticated. So is this a critique of zero trust? More productive might be to say that we shouldn’t blindly force reauth if our risk profile doesn’t warrant it - just like any security mechanism.

0 comments