Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-109

Trusted Application certificate response should be identifiable as such

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Medium
    • 0.37
    • 0.33
    • None
    • true

    Description

      A trusted application service provider requests the application certificate from a to-be-trusted client.

      The response that is returned is largely unvalidatable.

      Some metadata or message structure should be used so consumers of this response can validate incoming text as being an instance of this message type.

      Such protocols should also contain a protocol version to aid backwards compatibility.

      e.g:

      protocol = Atlassian Trusted Application Certificate Protocol
      protocol.version = 1.2
      protocol.message = Trust Certificate Response
      application.id = confluence:1234567
      certificate.data = MIIBIjANBgkqhkiG9w0BAQEFAAazZEjpQ33w1rXg374er2ZkevnI7U1HCrHyP2FezV/iNBsOVg1/IDAQAB

      Attachments

        Issue Links

          is related to

          Suggestion - JRASERVER-14421 Trusted Apps Initial Request Phase: Detect and report obvious classes of user input errors.

          • Closed

          Activity

            People

              jed Jed Wesley-Smith (Inactive)
              chris@atlassian.com Chris Mountford
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                16 years, 12 weeks, 3 days ago