Bug 868961

Summary: be able to sign bundles to ensure they haven't been tampered with during deployment
Product: [Other] RHQ Project Reporter: John Mazzitelli <mazz>
Component: ProvisioningAssignee: RHQ Project Maintainer <rhq-maint>
Status: NEW --- QA Contact: Mike Foley <mfoley>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.5CC: hrupp
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description John Mazzitelli 2012-10-22 11:01:01 EDT
It would be nice to somehow allow the RHQ system to "sign" a bundle (perhaps, stamp it with a sha256 hashcode) that could then be checked by the agent when it downloads the bundle to ensure the bundle wasn't tampered with prior to being unpacked and deployed by the agent.