Project

General

Profile

Development #49

Report which assertion is signed and who signed it

Added by Benjamin Dauvergne over 11 years ago. Updated over 6 years ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Category:
Core
Target version:
Start date:
21 May 2010
Due date:
% Done:

0%

Estimated time:
20.00 h
Patch proposed:
Planning:

Description

Extract from a comment in mod_mellon in auth_mellon_handler.c:936 :
«
/* TODO: lasso only verifies the signature on the first asserion * element. Therefore we can't trust any of following assertions. * If the Response-element is signed then we can trust all the * assertions, but we have no way to find what element is signed.
*/
»

It would be useful to add a quark attachement to nodes giving their signature
validation status, mainly request/response messages and assertions.

History

#1

Updated by Benjamin Dauvergne over 11 years ago

  • Tracker changed from Bug to Development
#2

Updated by Benjamin Dauvergne about 11 years ago

  • Category set to Core
  • Target version changed from future to 2.4.0
#3

Updated by Benjamin Dauvergne over 9 years ago

  • Assignee deleted (Benjamin Dauvergne)
#4

Updated by Benjamin Dauvergne over 6 years ago

  • Target version changed from 2.4.0 to future

Also available in: Atom PDF