[Bug debuginfod/27758] security idea: DEBUGINFOD_VERIFY mode

vt at altlinux dot org sourceware-bugzilla@sourceware.org
Wed Apr 21 00:15:31 GMT 2021


Vitaly Chikunov <vt at altlinux dot org> changed:

           What    |Removed                     |Added
                 CC|                            |vt at altlinux dot org

--- Comment #3 from Vitaly Chikunov <vt at altlinux dot org> ---
Instead of `X-Debuginfod-Hash` you can use `ETag` where you can put anything
including sha256 (can be prescribed in webapi description), then GET request
with `If-None-Match` + tag value (which is a hash) will return just 304 if the
hash is not changed. So HEAD request is not needed too.


You are receiving this mail because:
You are on the CC list for the bug.

More information about the Elfutils-devel mailing list