Right, I think what I'm actually worried about is how an old system deals with the certificate authorities of two decades from now.
-
-
...you're going to have a lot more control over stuff being done right.
-
Absolutely
@letsencrypt seems like the way of the future. I'd love to have a port of it to#sortix and use it with my httpd port. -
If you have Python building/running there are already a couple good minimal/auditable acme client implementations you can use.
-
Yeah I got a Python 3 largely working, I was planning on checking out a reasonably sized lets encrypt implementation and port if good.
-
If it's python, no porting is needed. AFAIK there are no "reasonably sized" C implementations. Too much protocol infrastructure mess.
-
Honestly simultaneously dealing with JSON *and* OpenSSL from C sounds so painful it should be in violation of the Geneva Convention
-
Think BearSSL and tiny fixed-schema JSON processing code.
-
yeah no even then. abstractions are good.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.