[Pulp-list] Pulp 2.6 vs 2.8 event notifier question
Eric Helms
ehelms at redhat.com
Wed Feb 3 14:55:29 UTC 2016
----- Original Message -----
> From: "Randy Barlow" <rbarlow at redhat.com>
> To: "Eric Helms" <ehelms at redhat.com>
> Cc: "Jeremy Cline" <jcline at redhat.com>, pulp-list at redhat.com
> Sent: Wednesday, February 3, 2016 9:46:20 AM
> Subject: Re: [Pulp-list] Pulp 2.6 vs 2.8 event notifier question
>
> On Wed, Feb 03, 2016 at 09:40:09AM -0500, Eric Helms wrote:
> > Not to be argumentative, but that seems like a cop out. I would think as a
> > user I should be able to provide you with the CA certificate that should
> > be used for verification for a given event notification. I realize this is
> > a deprecated feature and my intent is not to incur more work. However, I
> > do find value in having the right solution in place.
>
> Isn't it the case that Katello is not in this situation? I.e., Katello
> has the power to install the ca trust for the call back? Also, it
> doesn't make sense to use https:// if you don't want trust to happen.
> TLS is for two things: trust and privacy, and you can't have privacy
> without trust.
Katello isn't - but I never said I was arguing for Katello's specific deployment scenario. I am looking at this from the general use case. If there is a Pulp installed over on Server A, and I have access to use it via the CLI or API and want to set up an event notifier to hit my box running on Server B that is running via HTTPS I cannot, at present, do this because I have to implant my server CA certificate on Server A which I may not have control over. Unless I am missing something fundamental to this workflow?
Eric
>
> --
> Randy Barlow
> irc: bowlofeggs
>
More information about the Pulp-list
mailing list