!MthpOIxqJhTgrMNxDS:nixos.org

NixOS ACME / LetsEncrypt

105 Members
Another day, another cert renewal43 Servers

You have reached the beginning of time (for this room).

SenderMessageTime
30 May 2021
@l3af:matrix.orgl3af set a profile picture.12:11:24
@l3af:matrix.orgl3af changed their display name from l3aft to l3af.12:11:58
@l3af:matrix.orgl3af changed their display name from l3af to l3af .12:13:27
@l3af:matrix.orgl3af changed their profile picture.12:13:36
@l3af:matrix.orgl3af changed their display name from l3af to l3af.12:28:35
@l3af:matrix.orgl3af changed their profile picture.12:28:46
@m1cr0man:m1cr0man.comm1cr0manhttps://github.com/NixOS/nixpkgs/pull/124950 new PR in today. So, I'm unsure if this should be merged or not. I remember back in 20.03 there was discussions about key stapling (e.g. https://github.com/NixOS/nixpkgs/issues/84633#issuecomment-614584249) but I'm struggling to track down a specific ticket, it might have been in IRC. The use case was that you would have an app which you're shipping the public key with. That said, since the 20.09 patches where I introduced the hashed state folders we incidentally change the key regardless of whether --reuse-key is specified when the configuration changes. Anyone else got an argument for/against it?14:24:09
@hexa:lossy.networkhexaOne of the use cases for key reusal was HPKP, which was deprecated a while ago. I for one believe people should need to opt in to key reusal.14:36:03
@hexa:lossy.networkhexaNeeds to come with a changelog entry either way.14:39:49
@hexa:lossy.networkhexa * Needs to come with a changelog entry either way. And to be fair, it is currently unnecessarily hard to drop the option.14:40:24
@hexa:lossy.networkhexa * Needs to come with a changelog entry either way. And to be fair, it is currently unnecessarily hard to drop the option if you needed to.14:40:30
@m1cr0man:m1cr0man.comm1cr0man
In reply to @hexa:lossy.network
Needs to come with a changelog entry either way. And to be fair, it is currently unnecessarily hard to drop the option if you needed to.
On the logic alone of "It's hard to change" I think it makes sense to merge it. But yes, with a changelog 		14:44:03
@arianvp:matrix.orgArian joined the room.14:48:40
@m1cr0man:m1cr0man.comm1cr0manHi Arian :)14:50:05
@hexa:lossy.networkhexathe remaining question would be: backport to 21.05 or not?14:51:02
@hexa:lossy.networkhexaand by that matter: to which changelog to add this14:51:49
@m1cr0man:m1cr0man.comm1cr0manWould you not just add to 21.05 changelog when making the backport commit/PR?15:56:51
@hexa:lossy.networkhexaneeds to go into only one changelog though16:04:57
@hexa:lossy.networkhexaso either backport to 21.05, then add it there16:05:06

Show newer messages

Back to Room ListRoom Version: 6