two CSR sanity-checking todo items

2026-05-28 04:34:11 -04:00 · 2012-11-15 23:31:28 -08:00 · 2012-11-15 23:31:28 -08:00 · 2845c8f1f5
commit 2845c8f1f5
parent 4a62ac88d5
1 changed files with 4 additions and 0 deletions
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@ -252,6 +252,10 @@ class session(object):
            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/priorrequest")
            return
        # Process the request.
+        # TODO: check that each element of the CA/B Forum Baseline
+        # Requirements is enforced here or elsewhere.
+        # TODO: check that the request involves a public key algorithm
+        # that we support.
        if not all([safe("recipient", recipient), safe("csr", csr)]):
            self.die(r, r.BadRequest, uri="https://ca.example.com/failures/illegalcharacter")
            return