Bug 1599915 - RFE: cert pinning
Summary: RFE: cert pinning
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: librepo
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: rpm-software-management
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords: Triaged
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-07-10 22:45 UTC by Kevin Fenzi
Modified: 2018-07-16 11:26 UTC (History)
3 users (show)

(edit)
Clone Of:
(edit)
Last Closed:


Attachments (Terms of Use)

Description Kevin Fenzi 2018-07-10 22:45:06 UTC
In https://pagure.io/fedora-infrastructure/issue/5372 we talk about cert pinning for atomic host content. 

Is this something that might be possible to implement here as well? 

basically we would hard code into the package information about all the cert(s) that fedoraproject.org would use so it could validate that there was no MITM or other issues happening.


Note You need to log in before you can comment on or make changes to this bug.