parcel-id should be fully qualified

Open npmccallum opened this issue 4 years ago • 3 comments

/_i/{bindle-name}@{parcel-id}

It looks to me like the parcel-id field here is an unqualified hash. That is, it is up to the server to implicitly choose which hash algorithm to use. This should not be implicit as subtle security problems can arise from such configurations.

Wisely, because the parcel-id is always specified in the context of a bindle name, this problem is lessened somewhat. But in a content store, digests should always be fully qualified (i.e. sha256:...).

npmccallum, Dec 16 '21 13:12

This is a good point. Right now we only support sha256, but that will likely change to support more in the future. I'll mark this as an enhancement.

thomastaylor312, Jan 19 '22 19:01

What would the concrete todo here be?

michelleN, Jan 26 '22 20:01

2 main things I think:

  1. Change the protocol spec doc to account for this in the API
  2. Update the code to implement the spec change

thomastaylor312, Jan 26 '22 21:01
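
An added illustration of what a fully qualified parcel-id check could look like. This is example Python written for this page, not the Bindle project's own code or spec; the function names, the allow-list (including sha512) and the choice to split the path on the last `@` are assumptions.

```python
import hashlib
import hmac

# Assumption: algorithms the server accepts, mapped to their hex digest length.
ALLOWED = {"sha256": 64, "sha512": 128}
HEX = set("0123456789abcdef")


class ParcelIdError(ValueError):
    """Raised when a parcel-id is unqualified, unsupported, or malformed."""


def parse_parcel_id(parcel_id):
    """Split '<algorithm>:<hex>' and validate it; never guess the algorithm."""
    algorithm, sep, hex_digest = parcel_id.partition(":")
    if not sep:
        raise ParcelIdError("unqualified parcel-id: expected '<algorithm>:<hex>'")
    if algorithm not in ALLOWED:
        raise ParcelIdError(f"unsupported digest algorithm: {algorithm!r}")
    if len(hex_digest) != ALLOWED[algorithm] or not set(hex_digest) <= HEX:
        raise ParcelIdError(f"malformed {algorithm} digest")
    return algorithm, hex_digest


def parse_parcel_path(path):
    """Parse '/_i/{bindle-name}@{parcel-id}' into (name, algorithm, digest)."""
    if not path.startswith("/_i/"):
        raise ParcelIdError("not a parcel path")
    # Assumption: the parcel-id follows the last '@' in the path.
    name, sep, parcel_id = path[len("/_i/"):].rpartition("@")
    if not sep or not name:
        raise ParcelIdError("missing bindle name or parcel-id")
    return (name, *parse_parcel_id(parcel_id))


def verify_parcel(parcel_id, content):
    """True only if content hashes to the digest under the named algorithm."""
    algorithm, expected = parse_parcel_id(parcel_id)
    actual = hashlib.new(algorithm, content).hexdigest()
    return hmac.compare_digest(actual, expected)


# Constructed sample data, not taken from a real bindle.
SAMPLE = b"example parcel bytes"
QUALIFIED = "sha256:" + hashlib.sha256(SAMPLE).hexdigest()
BARE = hashlib.sha256(SAMPLE).hexdigest()
```

The bare hex form is rejected outright rather than being interpreted under a server-chosen default, so adding a second algorithm later cannot change what an existing identifier means.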