Roland Bracewell Shoemaker
Roland Bracewell Shoemaker
We could also avoid adding a field entirely, and add an internal check for `Challenge.Type == "hardware-module"`. This would be somewhat opaque, but doesn't require an API change.
> I may be missing something here... How does the client pass the response to the server in this case? Whoops, my bad I was thinking of the wrong extension....
> I would like for the doc comment to be a little more prescriptive. Perhaps point at the extension spec and/or suggest _why_ one would want to set this field....
Distilling https://github.com/golang/go/issues/38014, [RFC 4055](https://datatracker.ietf.org/doc/html/rfc4055) clarifies the encoding for CRLs and certificates, but didn't for whatever reason do the same for OCSP. We are just being consistent, and based on the...
This should probably also contain the the highest label at which a record was found if one is found at all.
Hey! Sorry for the silence, I completely missed your comments. This is still relevant and it would be great if you had a chance to take a stab at it....
I think this approach makes sense, in the past we've been way too willing to just keep stuffing stuff in existing tables when a new table would make more sense....
Hm, good point. We may want to change the name of the `identifier` column as well, it's slightly confusing given we have a loaded definition of that term elsewhere in...
> @rolandshoemaker makes sense, but I was just wondering what we should do for the presentAt field when we don't find any CAA records? Do you want to include the...
I've not followed along super closely with what the SOTA for source distribution provenance attestations are, but my understanding is that SLSA is almost entirely focused on attestations for build...