Metadata for partial verification secondaries should not contain strings

[trishankkarthik]

As @samlauzon has advised, metadata for partial verification secondaries (which consists solely of a single targets metadata file from the director repository) should not contain strings. This is due to: (1) implementation constraints on these secondaries, and (2) security concerns (e.g., buffer overflows).

We need to think about how to solve this issue without losing flexibility.

[JustinCappos]

What sort of strings is this referring to? I agree that things like hash
type, etc. should be removed (implicitly in version info or similar).

On Sat, Oct 8, 2016 at 1:07 PM, Trishank Karthik Kuppusamy <
[email protected]> wrote:

As @samlauzon https://github.com/samlauzon has advised, metadata for
partial verification secondaries (which consists solely of a single targets
metadata file from the director repository) should not contain strings.
This is due to: (1) implementation constraints on these secondaries, and
(2) security concerns (e.g., buffer overflows).

We need to think about how to solve this issue without losing flexibility.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#3, or mute the thread
https://github.com/notifications/unsubscribe-auth/AA0XD_Ph10oQf_Gifbt1SqcQLvRj1K-Dks5qx83egaJpZM4KRxaW
.