fabruic
fabruic copied to clipboard
khonsulabs
Tracking upstream improvements
- [ ] PSK support: https://github.com/ctz/rustls/issues/174
- [ ] Drop X.509: https://github.com/ctz/rustls/issues/423
- [x] Support IP as domain
- [x] WebPKI
- ~~https://github.com/briansmith/webpki/issues/54~~
- ~~https://github.com/briansmith/webpki/issues/130~~
- ~~https://github.com/briansmith/webpki/issues/90~~
- [x] https://github.com/rustls/webpki/issues/4
- [x] Rustls
- [x] https://github.com/ctz/rustls/issues/184
- [x] https://github.com/ctz/rustls/issues/206
- [x] https://github.com/ctz/rustls/issues/331
- [x] ~~https://github.com/ctz/rustls/issues/578~~
- [x] Quinn: https://github.com/quinn-rs/quinn/issues/564
- [x] WebPKI
- [ ] Server Migration: https://github.com/quinn-rs/quinn/issues/716
- [x] Async Executor Agnosticism: https://github.com/quinn-rs/quinn/issues/502
- [ ] Certificate Rotation: https://github.com/quinn-rs/quinn/issues/474
- [ ] Async Resolver
- [x] https://github.com/ctz/rustls/issues/89
- [x] ~~https://github.com/ctz/rustls/issues/430~~
- [ ] https://github.com/rustls/rustls/issues/850
- [ ] OCSP Support
- [ ] Rustls: https://github.com/ctz/rustls/issues/31
- [ ] WebPKI
- ~~https://github.com/briansmith/webpki/issues/26~~
- ~~https://github.com/briansmith/webpki/issues/27~~
- ~~https://github.com/briansmith/webpki/issues/28~~
- [ ] ECH support
- [x] https://github.com/rustls/rustls/issues/199
- [x] https://github.com/rustls/rustls/issues/508
- [ ] CT log support
- [x] https://github.com/rustls/rustls/issues/479
- [ ] https://github.com/rustls/webpki/issues/105
I did some research on OCSP, this is actually quiet important. Especially when we go production in CV, we have to be able to protect ourselves against a compromise of our private key.
The only alternative I know, CRLs, isn't available in the Rust community and as far as I know there are no plans to add support.