summaryrefslogtreecommitdiff
path: root/docs/NOTES-isec-audit.org
diff options
context:
space:
mode:
authorKali Kaneko <kali@futeisha.org>2015-06-08 17:00:40 -0400
committerKali Kaneko <kali@futeisha.org>2015-06-08 17:00:40 -0400
commit28ec72ebe2aac0829b11e016ab21ec52308c0854 (patch)
tree1ddeb46cbc0af8ba57ec29c81c43ae39b52d953f /docs/NOTES-isec-audit.org
parent3408b93ee630e01b0905b9bfa849d611bdc52c0a (diff)
parent18b6361d66518b5c413c5b893676b87503545274 (diff)
Merge branch 'release-2.0.2'
Diffstat (limited to 'docs/NOTES-isec-audit.org')
-rw-r--r--docs/NOTES-isec-audit.org21
1 files changed, 0 insertions, 21 deletions
diff --git a/docs/NOTES-isec-audit.org b/docs/NOTES-isec-audit.org
deleted file mode 100644
index f1d729d..0000000
--- a/docs/NOTES-isec-audit.org
+++ /dev/null
@@ -1,21 +0,0 @@
--*- mode: org; -*-
-
-* python-gnupg
-
-** what should be done by 1 May 2013:
-- [ ] packaging for pypi
-- [ ] unittests
-- [ ] leap_mx and soledad should be using python-gnupg
-
-** what the isec folks might want to look at:
-*** options
- are there any ways to coerce python-gnupg in strange/buggy ways though its
- allowed options, or, in general, though the API it presents?
-*** daemons
- if any of the daemons controlled by, or connected to, leap_mx or soledad
- can be leveraged in any way to execute an a attack using python-gnupg.
-*** keyID collision / couchDB key database poisoning
- is there a way to trick python-gnupg into using an incorrect key?
-*** identity leaks
- is there a way to analyse the mailserver, leapmx, or soledad, to gain info
- about which key is being used at a particular time?