Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread Julien Pierre
The API itself may not have been documented, but products using the API have documented this token:nickname usage. That is the case for some Oracle server products. Now, I can't say that we really envisioned anyone entering a URI in the nickname field of our server config files. It would certain

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread Robert Relyea
On 04/04/2016 03:19 PM, Ryan Sleevi wrote: On Mon, Apr 4, 2016 at 12:39 PM, David Woodhouse wrote: We usually reserve the term "breaks the API" for when something *used* to work, and now doesn't. Not when a previously-failing call now actually does something useful. No, sorry David, that's not

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread David Woodhouse
On Tue, 2016-04-05 at 12:49 -0400, John Dennis wrote: > > If the API does not have documented behavior constraints then you can't > be causing an API breakage. I think that's overstating the case a little. Even if the behaviour is undocumented, if real applications are depending on it in anythin

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread John Dennis
One of the problems I have with the argument Ryan presents concerning API contracts and breakage is that the "API contract" Ryan talks about is, to the best of my knowledge, undocumented; it's an API "convention" observed by a select group of developers "in the know". I don't see anything about a toke

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread Hubert Kario
On Tuesday 05 April 2016 07:26:56 Ryan Sleevi wrote: > On Tuesday, April 5, 2016, Hubert Kario wrote: > > On Monday 04 April 2016 12:17:08 Ryan Sleevi wrote: > > > On Mon, Apr 4, 2016 at 11:32 AM, David Woodhouse > > > > > > I'm sorry Ryan, but I also don't see how this would break API. > > Doe

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread David Woodhouse
On Mon, 2016-04-04 at 16:23 -0700, Ryan Sleevi wrote: > > I understand and appreciate that you want the standard to be "Show me > the code." But that's not the standard we set. Not at all. I fully appreciate that just because you can't provide any specific failure mode doesn't mean that no such f

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread Ryan Sleevi
On Tuesday, April 5, 2016, Hubert Kario wrote: > On Monday 04 April 2016 12:17:08 Ryan Sleevi wrote: > > On Mon, Apr 4, 2016 at 11:32 AM, David Woodhouse > > wrote: > > > Do you even have a way for a nickname to be entered in text form, > > > such that you could "maliciously" be given a PKCS#11

Re: RFC7512 PKCS#11 URI support

2016-04-05 Thread Hubert Kario
On Monday 04 April 2016 12:17:08 Ryan Sleevi wrote: > On Mon, Apr 4, 2016 at 11:32 AM, David Woodhouse wrote: > > Do you even have a way for a nickname to be entered in text form, > > such that you could "maliciously" be given a PKCS#11 URI instead of > > the normal "token:nickname" form? Perhaps