Conrad Hoffmann

And, sorry, as always a late follow-up - one thing I would also miss: if the app gets started with a config saying "manage certs x and y", and then...

Thank you for your response and sorry for the delay! > Numbers 0-2, sounds good to me. Same page 100 :ok_hand: > This reminds me a little of [a previous...

Actually, sorry: I couldn't stop thinking about the other issue you linked. And I think the one question a higher-level storage interface might answer is: what would you do if...

Come to think of it: maybe the storage interface is actually fine, and this is just the wrong interface to use for this. Maybe we'd be better off with something...

> I had a call with a company who has a similar request for a higher-level API. > > So I'm thinking about an optional interface now. Would still like...

What would the `meta` bytes contain? Maybe a key (as in key-value) could be used here as well, which has to be treated as opaque by the app, but can...

> If this is a high-level interface, the opaque key could be replaced a hostname. Note, this would encode in the API that one certificate equals one hostname. If I...

As I said, it's up to you. I can make the comment more explicit, or change the name to `DialInsecure()` or whatnot, or we can close this and I modify...

Exquisite choice! :clinking_glasses: :wink:

I was about to create almost the same PR. This would be really useful, so that a single distribution/docker-auth setup could be used both without TLS on an internal network...