michielbdejong
commented
8 years ago We discussed last week that we want the registration server just to pass an opaque "message" field. I'll adapt this PR accordingly (basically, s/domain/message).
Closed samgiles closed 8 years ago
michielbdejong
commented
8 years ago We discussed last week that we want the registration server just to pass an opaque "message" field. I'll adapt this PR accordingly (basically, s/domain/message).
samgiles
commented
8 years ago I'm still not entirely clear on the benefits of accepting and storing an arbitrary message, it kind of makes the API loosely defined - which of course may have been the goal. I'm slightly against it in that it makes data validation harder, and pushes some complexity out to the clients.
I don't want to be blocked on this though so I'm r+'ing Michiel's change.
samgiles
commented
8 years ago Ok, closing this actually, although I'm not happy with using a message, it doesn't make sense to have a message and a 'tunnel_configured' field when we can send arbitrary JSON.
michielbdejong
commented
8 years ago ah yes, the tunnel_configured field should also go inside the message. My point about the generic message is, the registration server is already passing an arbitrary string, without being in any position to check its context (apart from schemas, which don't validate anything other than the syntax). So then we might as well call that opaque string that we pass a 'message'. We can chat more about it on irc!
Now accepts only a domain containing a fingerprint the local and remote endpoints are then to be derived from this domain. local. and remote. for example.
In the near future, we will verify that the client request certificate used to POST entries is using the fingerprint in the POSTed domain.