Project

Profile

Help

Story #7701

closed

Make SigningService in the DB immutable

Added by bmbouter about 4 years ago. Updated almost 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
No
Tags:
Sprint:
Sprint 85
Quarter:

Description

Background

A public discussion was had on June 10th https://youtu.be/uecwUFJTWno and minutes taken here: https://hackmd.io/k5xm4WZ7QpeX0HF80XS9OQ

It was determined there that making the SigningService model itself immutable is a good thing for these reason:

  • Content signers should be able to leave their existing publications pointing to the old SigningService, otherwise their data will become invalidated.
  • Content signers should have to take explicit action when a public key is rotated, especially so they can know to also update clients.

Todo

Make it immutable, the data contained in a SigningService, or its subclass should not be modified once saved.

Also available in: Atom PDF