Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Review the security policy with respect to the apps #907

Open
mattcaswell opened this issue Oct 22, 2024 · 1 comment
Open

Review the security policy with respect to the apps #907

mattcaswell opened this issue Oct 22, 2024 · 1 comment

Comments

@mattcaswell
Copy link
Member

We should review the security policy with respect to the apps.

For example how should we handle server based apps such as s_server and ocsp? Do we consider these hardened security servers - or for test/demonstration purposes only? How should we treat security issues in them?
@romen
Copy link
Member

romen commented Oct 22, 2024

After we review the security policy, we should also plan to add appropriate disclaimers as comments at the beginning of the code in apps/, pointing to the security policy and the intended usage/level of security guarantees for each app.

It's important for part of our communities to discover/be warned about the experimental/demonstrative/testing/unsafe nature of that code when perusing through their sources.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Project Board
Status: New
Milestone
No milestone
Development

No branches or pull requests
2 participants
@romen @mattcaswell