From 5e921b566f17ccd7aaf9e80bb8fec6106bf62b1f Mon Sep 17 00:00:00 2001 From: Ted Unangst Date: Sun, 14 Apr 2019 14:17:50 -0400 Subject: [PATCH] trustno1 --- docs/security.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/security.txt b/docs/security.txt index e4e7df8..f09f362 100644 --- a/docs/security.txt +++ b/docs/security.txt @@ -5,6 +5,10 @@ honk is not currently hardened against SSRF, server side request forgery. Be mindful of what else may be reachable on localhost or the local network if it's not generally accessible. +Key and signature verification is best effort, but some forgeries may sneak +past. In particular, tying together key name, key owner, actor, object, etc. +is incomplete. + How are user keys supposed to be rotated? Expired? Revoked? The current answer is never, never, never.