Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Security Consideration on signing status list #128

Open
PieterKas opened this issue Mar 21, 2024 · 2 comments
Open

Add Security Consideration on signing status list #128

PieterKas opened this issue Mar 21, 2024 · 2 comments
Assignees
@paulbastian
Milestone
-03

Comments

@PieterKas
Copy link

It may be a good idea to add guidance on the implications of not signing the status list to make the security trade-offs explicit.
@c2bo
Copy link
Member

c2bo commented Mar 21, 2024

Thanks for opening the issue and I agree, we should probably be a lot more explicit for this part.
Biggest question would be where this fits? Perhaps a general introduction at the start of section 5?

@paulbastian paulbastian added this to the -03 milestone Apr 2, 2024
@paulbastian
Copy link
Contributor

Editors Call Discussion:

  • Add security consideration for now
  • Discuss if the unsigned option should stay in or not for the long term (usefulness/security/less options)

@paulbastian paulbastian self-assigned this May 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@paulbastian paulbastian

Labels
None yet
Projects
None yet
Milestone
-03
Development

No branches or pull requests
3 participants
@c2bo @paulbastian @PieterKas