[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30512 [Circumvention/Snowflake]: Enable cache for ACME certificates in broker



#30512: Enable cache for ACME certificates in broker
-------------------------------------+--------------------------------
 Reporter:  dcf                      |          Owner:  (none)
     Type:  enhancement              |         Status:  needs_revision
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  arlolra cohosh dcf phw   |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+--------------------------------

Comment (by phw):

 Replying to [comment:7 dcf]:
 > This looks good to me now. I would suggest one further change: change
 `letsencrypt-cert-cache` to `acme-cert-cache` for uniformity with other
 existing options.

 Good point, here you go:
 https://github.com/NullHypothesis/snowflake/commit/8cd16ab9cc8db3e646fd09a28c3fbed9791c3b15

 > And do we care or should there be a way to disable the cert cache, if
 running on a read-only filesystem for example? Maybe `-acme-cert-cache
 ""`? Or maybe just logging the failure and continuing to run (what the
 patch does now) is the best way.

 I think not having a certificate cache is worth a warning in any case, so
 I'm fine with the current behaviour.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30512#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs