Hi, I was sure I had answered, obviously I was wrong. Sorry for the delay then. I'd say that you spotted a minor bug, that allows to define a configuration that basically rejects all the clients by distributing broken signatures to them. A sysadmin would immediately understand that his system is totally broken, so I believe that the exploitability of such a wrong combination is insignificant. Moreover the bug does not prevent any kind of correct usage/config of the framework. I will fix it in the next week or so -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/567#issuecomment-323755999 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1