Hello everyone,
in the api-spec there is a mix3_directory_parse_from_string().
I wonder what the Right Thing is in the following cases:
(1) a mandatory field is missing in the directory
(e.g. Recommended-Servers)
(2) a single server descriptor's signature does not verify
(3.1) a mandatory field is missing in a single server descriptor.
(3.2) a mandatory field's value does not match the specified syntax
(e.g. Nickname)
(3.3) an optional field's value does not match the specified syntax
(e.g. Contact-Fingerprint)
(4.1) a mandatory field is missing in an optional section of a
server descriptor.
(4.2) a mandatory field's value in an optional section does not
match the specified syntax
(4.3) an optional field's value in an optional section does not
match the specified syntax
I think the following things should be done:
(1) reject the entire directory.
(2) ignore this server descriptor
(3.1) ignore this server descriptor
(3.2) ignore this server descriptor
(3.3) ignore this entry
(4.1) ignore this section
(4.2) ignore this section
(4.3) ignore this entry
In theory all these cases should never happen, so it might also be
feasible to reject the entire directory.
In any case, the recommended behaviour should be specified.
comments?
Peter
--
PGP signed and encrypted | .''`. ** Debian GNU/Linux **
messages preferred. | : :' : The universal
| `. `' Operating System
http://www.palfrader.org/ | `- http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature