Discussion about Cancel-Lock support
Russ Allbery
eagle at eyrie.org
Sun Sep 19 20:28:21 UTC 2021
Julien ÉLIE <julien at trigofacile.com> writes:
> Having 4 parameters may appear to be a bad idea (though I initially had it
> in mind). Your suggestion of only 2 makes it clearer I think. During key
> rotation, both hashes are sent and verified. Simply.
> cancels {
> canlockuser: [ password anotherpassword ]
> canlockadmin: [ adminpassword anotheradminpassword ]
> }
> seems simpler over all.
Yeah, I agree. Unless there's a strong reason to not send the hash for
the key being retired (and I'm not seeing one), I think the above is
simpler.
--
Russ Allbery (eagle at eyrie.org) <https://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers
mailing list