@alexbouchardd
Contributor

Including the timestamp in the default signature was an oversight.

There's a valid debate around the relevance of timestamps in signatures, but our position is that it's security theater as it does not effectively protect against replay attacks (given the need for a validity window). It also leads to more signature verification complexity, which in turn results in fewer users verifying the signatures, ultimately leading to less secure systems.

Outpost administrators can still decide to include the timestamp if they wish; it's simply no longer the default signature format.

This is a breaking change, and to maintain the current signature format, configs need to be updated with:

DESTINATIONS_WEBHOOK_SIGNATURE_CONTENT_TEMPLATE={{.Timestamp.Unix}}.{{.Body}}
DESTINATIONS_WEBHOOK_SIGNATURE_HEADER_TEMPLATE=t={{.Timestamp.Unix}},v0={{.Signatures | join ","}}
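
For receivers whose administrators keep the timestamped format through the two templates above, a receiver-side check in Go, added here as an example and not taken from the PR or from Outpost's code. HMAC-SHA256 with hex encoding, the names `Sign` and `Verify`, the 5-minute window and the sample values are assumptions; the run shows the validity-window point from the description, since the same signed request presented again inside the window still verifies.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

var ErrBadHeader = errors.New("malformed signature header")
var ErrMismatch = errors.New("no signature matched")
var ErrStale = errors.New("timestamp outside validity window")

// Sign MACs "<unix>.<body>" (the content template); HMAC-SHA256 and hex are assumptions.
func Sign(secret, body []byte, ts int64) string {
	m := hmac.New(sha256.New, secret)
	fmt.Fprintf(m, "%d.%s", ts, body)
	return hex.EncodeToString(m.Sum(nil))
}

// Verify checks a header shaped like t=<unix>,v0=<sig>[,<sig>...].
func Verify(header string, body, secret []byte, now time.Time, window time.Duration) error {
	tsPart, sigs, ok := strings.Cut(header, ",v0=")
	ts, err := strconv.ParseInt(strings.TrimPrefix(tsPart, "t="), 10, 64)
	if !ok || !strings.HasPrefix(tsPart, "t=") || err != nil {
		return ErrBadHeader
	}
	want, matched := []byte(Sign(secret, body, ts)), false
	for _, s := range strings.Split(sigs, ",") { // the header template joins signatures with ","
		matched = hmac.Equal([]byte(s), want) || matched // constant-time compare
	}
	if !matched {
		return ErrMismatch
	}
	if age := now.Sub(time.Unix(ts, 0)); age > window || age < -window {
		return ErrStale // too old, or timestamped in the future
	}
	return nil
}

func main() { // constructed sample values; one signed request presented twice
	secret, body, ts := []byte("constructed-secret"), []byte(`{"id":"evt_1"}`), int64(1765332840)
	h := fmt.Sprintf("t=%d,v0=%s", ts, Sign(secret, body, ts))
	fmt.Println(Verify(h, body, secret, time.Unix(ts+120, 0), 5*time.Minute)) // presented again inside the window
	fmt.Println(Verify(h, body, secret, time.Unix(ts+600, 0), 5*time.Minute)) // presented after the window
}
```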

@alexbouchardd alexbouchardd changed the title chore: Removing timestamps from default signatures chore: Remove timestamps from default signatures Dec 10, 2025
@alexbouchardd alexbouchardd changed the title chore: Remove timestamps from default signatures chore: Remove timestamps from default signature template Dec 10, 2025
Collaborator

@alexluong alexluong left a comment

let's include this in the upcoming release with CH & Log API given it's a pretty big breaking change

also will need some changes in the tests I think but I can take it from here

@alexluong
Collaborator

TODO: make sure the generated config md shows the right value for DESTINATIONS_WEBHOOK_SIGNATURE_HEADER_TEMPLATE=t={{.Timestamp.Unix}},v0={{.Signatures | join ","}}