Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Package Signing] Enable signature registration upon package upload #6009

Open
anangaur opened this issue May 30, 2018 · 1 comment
Open

[Package Signing] Enable signature registration upon package upload #6009

anangaur opened this issue May 30, 2018 · 1 comment
Labels
Area: Gallery UI Area: Validation Type:Feature

Comments

@anangaur
Copy link
Member

/cc: @rido-min @onovotny (your feedback)

Package upload

image

Note: The 2FA requirement for registering certificates applies.

Package push (P2)

With an additional push option:

> dotnet nuget push <package> --register-certificate
@rido-min
Copy link

When receiving a valid signed package, I would register the certificate always, without requiring an explicit gesture (checkbox in Web, --register-certificate in CLI).

The signature probes the user has access to the private key, and that should be enough.
Registering a certificate ahead of time can be considered as Opt-In for extra auth protection, but not a requirement.

@rido-min rido-min mentioned this issue May 31, 2018
Closed
@skofman1 skofman1 added this to the S139 - 2018.07.23 milestone Jul 3, 2018
@skofman1 skofman1 removed this from the S139 - 2018.07.23 milestone Jul 19, 2018
@skofman1 skofman1 mentioned this issue Dec 15, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Area: Gallery UI Area: Validation Type:Feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@anangaur @rido-min @skofman1