Daniel McCarney
Daniel McCarney
@const-v @nickolasclarke Interesting perspectives. Thanks for sharing! Perhaps an optional and disabled-by-default role would be appropriate if there is more demand. My own feeling is that for the short term...
@madeye gentle bump on this issue. If this is something you don't have the resources to get to I'm happy to close the issue and stop checking in. Thanks!
I'm not sure I understand the current state of this PR? Are changes required? Is the update no longer a priority since [a workaround](https://github.com/rustls/rustls-platform-verifier/pull/63#issuecomment-2125127857) was discovered?
> To fully resolve this, and get the best of what the platform has to offer we really need the ability to pass a timestamp into checkServerTrusted. This would also...
Hi @dani-garcia, Thanks for opening an issue and linking to your reproducer. This is a curious situation and I don't have any immediate ideas. Based on what you describe it...
> The main open question in my mind is the best way to programmatically inject a new trust anchor into the emulator's system trust bundle Perhaps like this: https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/
> Perhaps like this: https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/ Ah, I misread. These instructions inject a trust anchor as if it were system provided to explicitly side-step the usual opt-in that's required for user-installed...
> @cpu I think that bringing back the isKnownRoot check that existed prior to https://github.com/rustls/rustls-platform-verifier/pull/40 might be the solution here. Sounds reasonable to me. Do you think you'll have time...
Hi @laiyi55, Thanks for the question. That's interesting. In general I think if you're proposing changes based on performance it would be helpful to know more about how you're profiling...
As a quick test I also tried going back to before https://github.com/rustls/rustls-platform-verifier/pull/17 landed and enabling the test with a fixed verification time and got the same result so whatever the...