Merge commit 'jrollins/master'

author: Micah Anderson <micah@riseup.net> 2008-08-18 21:06:24 -0400
committer: Micah Anderson <micah@riseup.net> 2008-08-18 21:06:24 -0400
commit: 6ac379bdd75617cfab19c3b175a2e10257444de3 (patch)
tree: 174a0b650b030fd1f0a43d7de4b87af81ac7e17c /website/bugs/list-id-certifiers-should-run-non-priv.mdwn
parent: 1c1d84bc446cc6d55ba4cd5efc7f5a6c3573fa93 (diff)
parent: f4d2a81d7fa375af270b95da25acea8b0a0150e5 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/website/bugs/list-id-certifiers-should-run-non-priv.mdwn b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn
new file mode 100644
index 0000000..2a3d533
--- /dev/null
+++ b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn
@@ -0,0 +1,19 @@
+[[meta title="list-identity-certfiers should run as the non-privileged user"]]
+
+Right now, `monkeysphere-server list-identity-certifiers` runs as the
+superuser, and just lists the keys in the host's keyring.  This might
+not be the actual list of valid id certifiers, for a number of reasons:
+
+* the keys themselves might have been revoked by the owner
+
+* the id-certifiers might have been added with a different trust
+  level, or a regexp/domain limitation.
+
+It would make more sense to derive the list of trusted certifiers
+directly from the keyrings as seen by the non-privileged
+`monkeysphere` user, since this user's keyrings are what are going to
+judge the validity of various user IDs.
+
+---
+
+[[bugs/done]] 2008-08-16 in a29b35e69d0fab5f2de42ed5edd9512a6552e75a
author	Micah Anderson <micah@riseup.net>	2008-08-18 21:06:24 -0400
committer	Micah Anderson <micah@riseup.net>	2008-08-18 21:06:24 -0400
commit	6ac379bdd75617cfab19c3b175a2e10257444de3 (patch)
tree	174a0b650b030fd1f0a43d7de4b87af81ac7e17c /website/bugs/list-id-certifiers-should-run-non-priv.mdwn
parent	1c1d84bc446cc6d55ba4cd5efc7f5a6c3573fa93 (diff)
parent	f4d2a81d7fa375af270b95da25acea8b0a0150e5 (diff)