Matthew McPherrin
Matthew McPherrin
One way to DoS a CT log would be bulk submission of old entries from another log. It would be good to ratelimit submission of "old" entries. The Baseline Requirements...
This was a quick idea, not complete. Just opening for early feedback and CI run right now. Chrome's all_logs_list has test logs marked as such. It would be good to...
If there's discrepencies between the PSL and Zlint TLD list, this will take the most conservative option of rejecting if either list doesn't have a TLD.
# Background This isn't planned anytime soon, but something that was on my mind so I thought I'd record some notes. It would be nice to be able to build...
We've had requests to include the hostname for CRLs in our documentation. We could include that on https://letsencrypt.org/certificates/ I'll make a change for this in the next few weeks
With the introduction of IssuerConfig.Profiles, it seems like we could use an empty set of profiles instead of the boolean Active. I haven't done a thorough review of all the...
Right now, we allow some conflicting configuration values. Like you can configure a unix socket and a TLS certificate and key, which will be ignored. Or if you configure just...