Aapo Talvensaari
Aapo Talvensaari
> Not sure if CI is flaky, but seems like this may have caused issue. Restarting CI 3rd time. Seems to gone green now.
Today is code freeze, so I am not sure do we want this in still? Seems like a stretch. How much this improves anything?
@ADD-SP are we going to merge this? Ping @chronolaw, can you review and approve?
@dependabot rebase
This needs some conversion as described here: https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md
The EE one with the same changes is failing. I need to figure out what is going on there. So let's post-pone merging this until I have EE sorted out.
@kikito / @hbagdi what is final decision: merge or not merge this on 3.7? It may break some installations that deal with large client bodies (larger than 10mb).
@nowNick, How does this behave in `AND`/`OR` scenario? E.g. `basic-auth` AND/OR `key-auth` (or do we just skip that complexity for now)?
> Hey @bungle ! > > When I was thinking about it I came to the conclusion that it's not necessary to handle those scenarios or it's impossible to do...
Looks like this is the latest draft: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures So in theory at least I would rather move this plugin in direction of this: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#iana-hsa-contents That lists there: - rsa-pss-sha512 -...