Daniel McCarney

> Server verifies the CertificateSigningRequestParams's CertificateParams meets its profile for the client. E.g. what things is the client allow to specify be included in the generated cert? You must be...

> The trait's name: I guess PublicKeyData is okay? We already have a trivial implementation in csr::PublicKey. Seems OK to me. > The alg() method: maybe expand this to algorithm()?...

Very odd! I booted into Windows this morning to try and reproduce and: it worked fine. Then I kicked the CI jobs that were failing with this error yesterday and...

> Sometimes, ACME server returns an error when acquiring a session, and thus, a retry is needed. @h33p I'm not sure what you mean by acquiring a session since ACME...

> According to https://github.com/algesten/acme-lib/blob/5a4d55080635dc9a7f9a380a79984e8b5f9ab281/src/dir.rs#L117C9-L119C61 I think a better citation for this is [RFC 8555 7.3.1](https://www.rfc-editor.org/rfc/rfc8555#section-7.3.1). In particular to do what you're describing it would be important to set the `onlyReturnExisting`...

> I think adding a bitvec feature is the correct fix for the unexpected_cfgs finding, but this should be double checked. Nope, that's no good. It seems like the code...

FWIW, I think building an aws-lc-rs backend in this repo might bump into the aws-lc-rs/ring HKDF API limitation [I mentioned here](https://github.com/aws/aws-lc-rs/issues/300#issuecomment-2142233237). We worked around this in Rustls without much fuss...

I feel similarly. Trailing/extra whitespace in CI configs is a pretty minor issue and having to maintain additional tooling for that use-case in particular doesn't seem very appealing.

Is there some larger context/motivation that can be called out in the PR desc?

> See discussion: https://discord.com/channels/976380008299917365/1015156984007381033/1362838168696520895 quick transcript, for the inevitable future where Discord goes the way of the dodo > s-arash: Hi rustls maintainers! I want to inquire about an issue...