This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Proposal for restricting authentication concerning use of revoked and expired GPG ID's in key-cert objects
- Previous message (by thread): [db-wg] Proposal for restricting authentication concerning use of revoked and expired GPG ID's in key-cert objects
- Next message (by thread): [db-wg] Proposal for restricting authentication concerning use of revoked and expired GPG ID's in key-cert objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Christoffer Hansen (Lists)
netravnen+lists at gmail.com
Mon Nov 5 14:24:11 CET 2018
Hi Gunnar, On Thu, 1 Nov 2018 at 15:51, Gunnar Guðvarðarson <gunnar.gudvardarson at advania.is> wrote: > What happens if you send signed update A, then signed update B, and then re-send signed update A. > > Does the re-sent signed update overwrite the object? Yes! If you re-send an older (signed) version (A) of an object in the RIPE database. A newer update (B) can be overwritten with the older one (A). The current implementation in the DB does not validate anything apart if the key as allowed or not. Expiration date or if an object has been update since an incoming update message is not taken into account. If the update message is signed with a valid key. It is accepted. (Currently I have only tested this with my own objects in the DB) Christoffer
- Previous message (by thread): [db-wg] Proposal for restricting authentication concerning use of revoked and expired GPG ID's in key-cert objects
- Next message (by thread): [db-wg] Proposal for restricting authentication concerning use of revoked and expired GPG ID's in key-cert objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]