-
Updating this to a bug report: gencert does not work with a local profile for expiry. Below are the configs used.
---
It does work when the same configuration is used with the remote service (cfssl …
-
### Problem
While trying to test PR #2367 using the `ssh -R 80:localhost:8000 nokey@localhost.run` command (plus `grunt dev`), I wasn't able to join a group on my phone.
I encountered two differ…
-
After an extended network partition that affects connectivity from SPIRE server to SPIRE database and from SPIRE agent to SPIRE server, SPIRE agent signing requests to SPIRE server can come in like a …
-
When signing in with openIDConnect, there should be an option to get the user information from the userinfo endpoint instead of the idToken because some oidc servers only send basic userinfo in the id…
-
According to RFC/ATIS/3GPP, HTTP Accept header should be "application/json". But the test bed accepted "text/plain".
Tested on 1/24/2023.
-
As detailed [here](https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/), JWT verification functions should require specifying the algorithm that should have been used, in orde…
-
We should sign our plugin to be compatible with Grafana's [plugin signature verification](https://grafana.com/docs/grafana/latest/plugins/plugin-signatures/):
> Plugin signature verification (signi…
-
This is a nice to have but most implementations seem insecure (require storing "secret" inside code)
-
TESTCASE: https://gist.github.com/chakrit/a29a08fc35af35529ac8
Run `npm install && node server.js` and then in another terminal window, run `./client.sh`
---
Basically domain errors have this extra…
-
After the zip is verified, the metadata is verified against it to make sure that it was accurate. However, it would be nice to have offline signing of the update channel metadata in a way that enforce…