Skip to content

Commit

Permalink
minor wording
Browse files Browse the repository at this point in the history
Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
  • Loading branch information
zhaohuabing committed May 1, 2024
1 parent e48ad93 commit a0cc42c
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions site/content/en/contributions/design/wasm-extension.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@ will be configurable.
* To prevent unauthorized proxies from accessing the Wasm modules, the communication between the Envoy and EG will be
secured using mutual TLS.
* To prevent unauthorized users from accessing the Wasm modules, the user who creates the EEP must have the appropriate
permissions to access the OCI registry. For example, if users in different namespaces (ns1, ns2) access the same OCI image,
each must create a unique secret with registry credentials (secret1 for user1 in ns1, secret2 for user2 in ns2). EG will
validate the provided secret against the OCI registry before serving the Wasm module to the target HTTPRoute/Gateway.
permissions to access the OCI registry. For example, if two users create EEPs in different namespaces (ns1, ns2) accessing
the same OCI image, each must also create a unique secret with registry credentials (secret1 for user1 in ns1, secret2 for user2 in ns2).
EG will validate the provided secret against the OCI registry before serving the Wasm module to the target HTTPRoute/Gateway of that EEP.
* To prevent unauthorized users from accessing the Wasm modules, the download URL will be appended with a generated secret
suffix that can be validated by the EG.

Expand Down

0 comments on commit a0cc42c

Please sign in to comment.