Jacob Hoffman-Andrews
Jacob Hoffman-Andrews
### Task description When doing ARI checks in acme.renewal_time, we catch `RequestException` and return a default value. That's so an unavailable ARI server doesn't cause issues. Before we get to...
### What problem does this feature solve or what does it enhance? Let's Encrypt [will offer certificates with IP address SANs](https://letsencrypt.org/2025/01/16/6-day-and-ip-certs/) sometime in 2025. We should discuss what we'd like...
Use exclusively the `cryptography` package for OCSP checking. Fixes #10291
The testdata for our certbot tests had a README with instructions on how to regenerate it. Those instructions were partial, and a little bit wrong anyhow. Instead we should have...
In certbot/certbot/tests/testdata/ I notice that we have a number of pieces of testdata that use 512-bit RSA keys. There's even a 256-bit RSA key, though I think that's unused. Perhaps...
https://peps.python.org/pep-0585/ > starting with Python 3.9, the following collections become generic using __class_getitem__() to parameterize contained types: > tuple # typing.Tuple > list # typing.List > dict # typing.Dict >...
Right now the `orderToAuthz2` table is our biggest in terms of row count. That makes sense: `authz2` rows grow as the number of authorizations created, minus any authorization reuse. `orderToAuthz2`...
We'd like to transition to building our release artifacts with containers (and also produce containers as our main release artifact). As part of that, let's get rid of our Makefile....
Right now our integration tests run `go install ./...` inside a boulder-tools container, then run the resulting binaries. Instead, they should use the same build scripts that our release process...
Right now we use fetch-and-verify-go.sh to download Go from `dl.google.com` and verify its GPG signature. This is preferable to using the Docker Hub official `golang` images because we can always...