Skip Menu |

This queue is for tickets about the Crypt-LE CPAN distribution.

Report information
The Basics
Id: 133723
Status: resolved
Priority: 0/
Queue: Crypt-LE
People
Owner: LEADER [...] cpan.org
Requestors: murley [...] townnews.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed Nov 11 09:53:00 2020 murley [...] townnews.com - Ticket created
Subject: support for alternate links in LE responses
Date: Wed, 11 Nov 2020 08:39:05 -0600
To: bug-Crypt-LE [...] rt.cpan.org
From: "Christopher Murley" <murley [...] townnews.com>
Is anyone already working to support the alternates links in LE responses? The server MAY provide one or more link relation header fields [RFC8288] with relation “alternate”. Each such field SHOULD express an alternative certificate chain starting with the same end-entity certificate. This can be used to express paths to various trust anchors. Clients can fetch these alternates and use their own heuristics to decide which is optimal. This would be needed to support the LE announcement where they are transitioning to their own root CA? https://community.letsencrypt.org/t/transition-to-isrgs-root-delayed-until-jan-11-2021/125516/2 If noone is, we may begin work on a patch. Thank you for your consideration.
  Sat Nov 14 10:36:37 2020 cpan [...] ihead.ru - Correspondence added
Срд Ноя 11 09:53:00 2020, murley@townnews.com писал: Show quoted text
> Is anyone already working to support the alternates links in LE > responses? > > The server MAY provide one or more link relation header fields > [RFC8288] with relation “alternate”. Each such field SHOULD express > an alternative certificate chain starting with the same end-entity > certificate. This can be used to express paths to various trust > anchors. Clients can fetch these alternates and use their own > heuristics to decide which is optimal. > > This would be needed to support the LE announcement where they are > transitioning to their own root CA? > > https://community.letsencrypt.org/t/transition-to-isrgs-root-delayed- > until-jan-11-2021/125516/2 > > > If noone is, we may begin work on a patch. Thank you for your > consideration.
I reported this 8 days ago on github https://github.com/do-know/Crypt-LE/issues/57 No answer from author. It would be great if you provide the patch, i agree to test it :)
  Sat Nov 14 10:36:38 2020 The RT System itself - Status changed from 'new' to 'open'
  Sat Nov 14 10:41:54 2020 LEADER [...] cpan.org - Taken
  Sat Nov 14 10:43:03 2020 LEADER [...] cpan.org - Correspondence added
I'll have a look at the RFC and practical application of that.
  Sun Nov 22 08:11:37 2020 LEADER [...] cpan.org - Correspondence added
This should now be resolved in beta (https://github.com/do-know/Crypt-LE/tree/beta) and will be pushed to CPAN sometime next week.
  Sun Nov 22 08:11:37 2020 LEADER [...] cpan.org - Status changed from 'open' to 'resolved'