Comment 72 for bug 1490804

Jeremy Stanley (fungi) wrote : Re: PKI Token Revocation Bypass

Brant: Excellent! That's better than I had hoped (was assuming only the full document hash was being stored for earlier tokens). So this really would, in theory, be a complete fix for stable branch consumers. With that in mind, I agree it makes sense to slightly lighten the bit of the OSSN about no possibility of a backward compatible fix. Still shouldn't imply that there is definitely one coming in case something unforeseen happens in review, but getting awareness of the bug and mitigation recommendations out to deployers/operators in the near term is still a good idea.