Stefan Beller <sbeller@xxxxxxxxxx> writes: > I think the recent issue with the push certificates shows that having arbitrary > data after the = is a bad idea. I do not think push certificate episode tells any such thing. It was about not carefully using cryptography with arbitrary data. How that arbitrary data came to the machinery is irrelevant. We could have used base-64 to encode the server nonce when transferring it to the machinery via capability, but then decode it in order to place it in the cerficiate. Do not restrict transport for such a reason and make legitimate uses of the transport unnecessarily harder for later users. What needs to be done is to think how the data that was transport was used. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html