[Asterisk-code-review] STIR/SHAKEN: Fix certificate type and storage. (asterisk[16])
George Joseph
asteriskteam at digium.com
Tue Apr 27 13:55:46 CDT 2021
George Joseph has posted comments on this change. ( https://gerrit.asterisk.org/c/asterisk/+/15822 )
Change subject: STIR/SHAKEN: Fix certificate type and storage.
......................................................................
Patch Set 2: Code-Review-1
(2 comments)
https://gerrit.asterisk.org/c/asterisk/+/15822/2/configs/samples/stir_shaken.conf.sample
File configs/samples/stir_shaken.conf.sample:
https://gerrit.asterisk.org/c/asterisk/+/15822/2/configs/samples/stir_shaken.conf.sample@38
PS2, Line 38: ;public_key_url=http://mycompany.com/${CERTIFICATE}.pem
I think we need to clarify whether this is a public_key_url is used for attestation or one used for verification. And is this actually a key or a certificate?
https://gerrit.asterisk.org/c/asterisk/+/15822/2/configs/samples/stir_shaken.conf.sample@48
PS2, Line 48: File path to a certificate. This can be RSA or ECDSA, but eventually only ECDSA will be supported.
: ;path=/etc/asterisk/stir/alice.pem
: ;
: ; URL to the public key. Must be of type X509.
: ;public_key_url=http://mycompany.com/alice.pem
Same as above. What's used for what?
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/15822
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
Gerrit-Change-Number: 15822
Gerrit-PatchSet: 2
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Comment-Date: Tue, 27 Apr 2021 18:55:46 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210427/3c36be54/attachment.html>
More information about the asterisk-code-review
mailing list