Comment 11 for bug 1202952
Revision history for this message
| Adam Young (ayoung) wrote Re: PKI tokens are never revoked using memcache token backend | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
All memcache token incarnations for PKI tokens are affected. Since that code went in back in Folsom, that means Folsom, Grizzly and Havana.
The fix is a server side fix. We could also fix using the auth_token middleware, but that is probably suboptimal. It will slow down the revocation check, and it would require updating every component in an OS deployment. Server side fix is preferable and proper.
Deploying the fix will dump the revocation list, but since it was not checked before, it will be no worse than it was.