Revision a4978169 doc/design-2.2.rst
b/doc/design-2.2.rst | ||
---|---|---|
411 | 411 |
not know the secret, it can't forge the certificates or redirect the |
412 | 412 |
data. Unless disabled by a new cluster parameter, verifying the HMAC |
413 | 413 |
signatures must be mandatory. The HMAC signature for X509 certificates |
414 |
will be prepended to the certificate similar to an RFC822 header and
|
|
414 |
will be prepended to the certificate similar to an :rfc:`822` header and
|
|
415 | 415 |
only covers the certificate (from ``-----BEGIN CERTIFICATE-----`` to |
416 | 416 |
``-----END CERTIFICATE-----``). The header name will be |
417 | 417 |
``X-Ganeti-Signature`` and its value will have the format |
Also available in: Unified diff