Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[tools-pmc] [CQ 21973] google-auth-library-oauth2-http 0.20.0

--- Comment #4 from Tony Homer <tony.homer@xxxxxxxxx>  2020-04-22 10:37:20 ---
Thanks for double-checking, Jonah!

I was basing the Cryptography=N/A on an old submission for
google-auth-library-oauth2-http 0.12.0
I also submitted a CQ request for google-auth-library-oauth2-http 0.19.0 which
was approved
but IIRC I based the Cryptography N/A there on the 0.12.0 submission also.

I took a look at the sources and documentation to double-check and although
this library uses SHA256 it is only for signing and not for encrypting data. 
This library provides an OAuth2 client which uses SHA256 with RSA for signing
as well as several other authorization clients which use SHA256 with RSA for
signing.  For reference, OAuth2 is RFC 6749:

Based on the above, I think it's still an N/A on Cryptography and hopefully the
above statements are enough for you to confirm or deny.  Please let me know if
you need more information.

Configure CQmail:
------- You are receiving this mail because: -------
You are on the CC list for the CQ.

Back to the top