smolnar82 commented on PR #1244:
URL: https://github.com/apache/knox/pull/1244#issuecomment-4591034586
I don't think this is a serious security vulnerability as the added
certificates are public CA roots from Let's Encrypt's official staging
hierarchy, not arbitrary certificates.
However, I've a few questions:
- What use case requires trusting staging roots?
- Is there a real customer scenario?
- Is this only for automated testing?
- Can this be made optional?
  - For example via build argument or environment variable.
  - Then test users can enable it while production users keep a smaller
    trust set.
- Are all these roots necessary?
  - The patch adds multiple generations (X1, X2, YE, YR, cross-signed
    variants).
  - It may be worth confirming that all are actually needed.

Adding staging roots increases the set of trusted certificate authorities
and allows Knox to trust certificates issued by Let's Encrypt's testing
infrastructure. Can we clarify the use case and whether this trust should be
enabled only for testing environments rather than all Docker deployments (see
my question above about making them optional)?