Robert Newson
Robert Newson
The `_replicator` database should not have been user-accessible from the start. We should have put it behind an api endpoint with defined semantics. Too late to change it now, hence...
@lostnet There's no mechanism to send an "advisory" though, otherwise I'd agree. I also don't know what percentage of users edit documents through Fauxton but anything we do here would...
I don't believe we made any promises about the AuthSession cookie format. It's an opaque string generated by CouchDB that CouchDB can validate when it is presented again later. An...
hrm, that is annoying, but fair point. I suggest that the digest function underneath the two uses of HMAC be a configuration item then, defaulting to `sha256` in the next...
the config proposal would appear to achieve it? upgrade all the nodes first then config:set to the new algorithm on all nodes afterward.
that's right, Jay, users would have to login again when the config item is flipped, but that seems right to me when enhancing security. otherwise we'd have to add some...
How about this; 1) when we receive an AuthSession cookie we try to confirm it with HMAC-SHA256. If that is successful, we continue as usual. 2) if unsuccessful we try...
@big-r81 what do you think about reverting while we redo this with compatibility improvements?
I suggest keeping it simple for the first version. You only need a 'legacy' toggle option, defaulting to true as you have it above. CouchDB, after upgrade, will use HMAC-SHA-256...