Uploaded image for project: 'Automation Hub'
  1. Automation Hub
  2. AAH-1917

Add signature upload safeguards

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Obsolete
    • Icon: Undefined Undefined
    • 2.3
    • None
    • UI
    • False
    • Hide

      None

      Show
      None
    • False
    • Do Not Include (note: this means to exclude from release notes and errata)

      Problem Description:

      Since validated and certified content will use different keys for signing collections, we want to make sure that user's don't accidentally use the wrong signature for the wrong collection

      Proposed Solution:

      On the approval dashboard check the public key fingerprint for the collection signature that is being uploaded and verify that it matches the key that was used to sign the last version of the collection that was uploaded. If there is a public key mismatch, raise an alert modal that requires the user to confirm that the signature is correct.

            dnewswan David Newswanger
            dnewswan David Newswanger
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: