Skip to content

Reimplement security checks for the download endpoint.  #2

New issue
New issue
Open
Open
Reimplement security checks for the download endpoint. #2
Labels
enhancementNew feature or requestsecurityKnown security issues that need to be fixed as soon as possible
@lixiii

Description

@lixiii
lixiii
opened on Jan 10, 2019

I disabled the security check on the download endpoint so that it no longer checks for any cryptographic signature. This will be in place to make the prototype work until we have implemented the hypervault-id, which should basically encapsulate a 2048-bit RSA key pair together with the Composer Business Network card. The key pair in the network card does not work because it has a really small key size.

Once the hypervault-id has been implemented, commit ae97d01b70947d9f0d56ca699a9aabe3d9300957 should be reverted.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestsecurityKnown security issues that need to be fixed as soon as possible

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions