buchdag
commented
5 years ago I'll update changelog asap.
We might have some other work to do regarding strict ACME v2 compliance.
Closed buchdag closed 5 years ago
buchdag
commented
5 years ago I'll update changelog asap.
We might have some other work to do regarding strict ACME v2 compliance.
zenhack
commented
5 years ago Thanks for catching this. I'm going to be gone all next week, but will do a review when I get back.
-Ian
Quoting Nicolas Duchon (2019-06-28 20:02:28)
I'll update changelog asap.
We might have some other work to do regarding strict ACME v2 compliance.
-- You are receiving this because you are subscribed to this thread. Reply to this email directly, [1]view it on GitHub, or [2]mute the thread.
Verweise
- https://github.com/zenhack/simp_le/pull/122?email_source=notifications&email_token=AAGXYPSBXFRCDWTEQA3SD6LP42RBJA5CNFSM4H4I7MB2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODY3NBTI#issuecomment-506908877
- https://github.com/notifications/unsubscribe-auth/AAGXYPUSJ6FC4QJMJ2HSWCTP42RBJANCNFSM4H4I7MBQ
zenhack
commented
5 years ago This looks reasonable to me; update the change log and I'll merge. I opened #123; we should start testing against pebble.
buchdag
commented
5 years ago Changelog updated, sorry for the long delay.
This fix an issue that came to light while trying to switch the test suite from
bouldertopebble.While the previous code worked with current
boulderversion, it's actually not ACME v2 compliant and caused POST-as-GET errors with Pebble. That indicates potential real world breakage starting November 1st when POST-as-GET becomes mandatory : https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380