diff options
author | Kali Kaneko <kali@futeisha.org> | 2015-06-08 16:46:12 -0400 |
---|---|---|
committer | Kali Kaneko <kali@futeisha.org> | 2015-06-08 16:46:12 -0400 |
commit | b91ea5f9974471c8f596a42eb5023c693a9da450 (patch) | |
tree | 04d71c67be68d8d069fdf3b355e71b7a1f8e7813 /docs/NOTES-isec-audit.org | |
parent | 3488c8fa0078576ab35e463c33fe8e3e47e34e61 (diff) | |
parent | a5d46a4e38985be540b9127ddcd3d8e21bbecb9a (diff) |
Merge tag 'upstream/2.0.2'
Upstream version 2.0.2
Diffstat (limited to 'docs/NOTES-isec-audit.org')
-rw-r--r-- | docs/NOTES-isec-audit.org | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/docs/NOTES-isec-audit.org b/docs/NOTES-isec-audit.org deleted file mode 100644 index f1d729d..0000000 --- a/docs/NOTES-isec-audit.org +++ /dev/null @@ -1,21 +0,0 @@ --*- mode: org; -*- - -* python-gnupg - -** what should be done by 1 May 2013: -- [ ] packaging for pypi -- [ ] unittests -- [ ] leap_mx and soledad should be using python-gnupg - -** what the isec folks might want to look at: -*** options - are there any ways to coerce python-gnupg in strange/buggy ways though its - allowed options, or, in general, though the API it presents? -*** daemons - if any of the daemons controlled by, or connected to, leap_mx or soledad - can be leveraged in any way to execute an a attack using python-gnupg. -*** keyID collision / couchDB key database poisoning - is there a way to trick python-gnupg into using an incorrect key? -*** identity leaks - is there a way to analyse the mailserver, leapmx, or soledad, to gain info - about which key is being used at a particular time? |