Comment 5 for bug 1490804
Revision history for this message
| Morgan Fainberg (mdrnstm) wrote Re: Token Revocation Bypass | #5 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
If this is PKI/PKIZ tokens, there are no "internal" IDs as the internal ID would be part of the signed data. The signed data cannot contain the ID itself as it would change the ID.
Discussing this a bit further it looks like "revoke by ID" should have been based on fingerprint or the signed data (as per adam young). Alternatively, we can now use the audit_ids for "revoke by id"
I am still in process of confirming outside of swift.