Are there any sequence diagrams?

Hi,

I would like to understand exactly what messages are being sent between which components when certain operations are performed. Would it be possible to create some sequence diagrams or data flow diagrams in the documentation to show what’s happening under the hood when you enroll, login, dial, send data, etc?

Does anything like this already exist?

Enrollment is documented really well here: Bootstrapping Trust | Ziti

We have older, but largely still accurate, PlantUML docs for SDK hosted services (the most common nowadays) and router terminated services. They are possibly out of date here and there - just beware of that. I’ve attached those two images here. This might make a good Ziti TV topic too.


Yes.. working through this would be awesome.. especially how it operates between the browser, controller and the target.

What I understand to be different is the client TLS handshake, which is not normally done as part of the authentication process.

My hunch is that when this client authentication does not work well.. say because the certificate authority is not verified.. it generates lots of errors..

It would be great to understand this in more detail 🙂

Thanks. I can’t make out the details on the images - do you have a link to the PlantUML?

There are a few questions still on the enrolment. The link you sent gives some details, but:

  • The sequence numbers/steps in the image (1-9) don’t match the numbers/steps in the text (1-12).
  • What protocols are used for each step? I would find it helpful to map this to, e.g., REST API calls. Is it using HTTPS with just server authentication?
  • Some of the text is misleading, e.g. “No individual piece of software blindly trusts any other for inbound or outbound connections.”, but I’m assuming the controller has to trust the SDK client connections (but not the contents) since the SDK client doesn’t have any credentials except the JWT, which is not sent until step 8/11.

You need to download the image and look at it. I was just able to on my phone. I have the plant text; I tried to render it and it failed, so I had to fall back to the image. Lol

I’m traveling, but I can find the text and post it back; it just might not render.