launchpadlib

launchpadlib: please don't rely on the full list of CAs

Bug #1379145 reported by Paul Wise (Debian)
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
launchpadlib
New
Undecided
Unassigned

Bug Description

Hi,

Along the lines of [1], please create a Launchpad API CA, embed the cert
for it in launchpadlib, create certs using only it and create an
endpoint that uses it. launchpadlib should also have an API for setting
the CA for when Launchpad API CA transitions are needed.

     1. http://www.thoughtcrime.org/blog/authenticity-is-broken-in-ssl-but-your-app-ha/

 affects launchpadlib

--
bye,
pabs

https://wiki.debian.org/PaulWise

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.