Merge keys when updating an exisiting key

This is needed to prevent roll back attacks where the attacker push us to accept a key with an old expiration date that could be use to push an untrusted key when after it's expiration.
author: Ruben Pollan <meskio@sindominio.net> 2014-10-30 21:54:32 -0600
committer: Ruben Pollan <meskio@sindominio.net> 2014-11-04 11:53:24 -0600
commit: 1fac28ed61bde2b8db8cff8aea45b20705a072e3 (patch)
tree: a3be97c6cd48f4d79d861fa744d4a5d4338f9e13 /keymanager/src/leap/keymanager/validation.py
parent: 12a1627e820ed543158678326032814daebe139d (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/keymanager/src/leap/keymanager/validation.py b/keymanager/src/leap/keymanager/validation.py
index 6dceb78..7d68966 100644
--- a/keymanager/src/leap/keymanager/validation.py
+++ b/keymanager/src/leap/keymanager/validation.py
@@ -73,7 +73,6 @@ def can_upgrade(new_key, old_key):
 
     # An update of the same key
     if new_key.fingerprint == old_key.fingerprint:
-        # XXX wich one is newer? is that a downgrade attack? (#6210)
         return True
 
     # Manually verified fingerprint
author	Ruben Pollan <meskio@sindominio.net>	2014-10-30 21:54:32 -0600
committer	Ruben Pollan <meskio@sindominio.net>	2014-11-04 11:53:24 -0600
commit	1fac28ed61bde2b8db8cff8aea45b20705a072e3 (patch)
tree	a3be97c6cd48f4d79d861fa744d4a5d4338f9e13 /keymanager/src/leap/keymanager/validation.py
parent	12a1627e820ed543158678326032814daebe139d (diff)