[email protected] wrote:
> On Thu, Jun 11, 2009 at 12:39:25PM -0500, Shawn Walker wrote:
>> I feel like peer verification has to be under customer control because the repository requiring the certificate may be their own and so a CA Cert may not be available for whatever reason.
>
> In this case, the customer has a self-signed certificate and can place
> that cert in the site-specific certs directory described in case #2 of
> the proposal.

See my other reply about the depot and cherrypy limitations. A CA Cert may not be possible/supported.

>> The primary reason I'm uncomfortable with the directory being the arbiter of the behaviour is because peer verification is often defined by the security policy of the user. While I'm aware that we may not have a standard location yet for the certificates, it feels wrong to decide security policy based on the presence of a directory.
>
> Let me repeat that this is not policy so much as it is a temporary
> workaround. Once we're delivering certs reliably, it'll be removed and
> we'll require peer verification.

That's fine.

>> Now whether this happens in a later implementation phase or not doesn't matter to me. I'm quite aware that the scope of transport changes has already ballooned rather fearfully :)
>
> I don't understand this comment.

In other words, control over peer verification is, in my view, necessary. However, I wasn't trying to suggest *when* it would happen; just that it should at some point.

--
Shawn Walker
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
