Add deployment considerations section to README #142
djc
left a comment
This is great!
I think it would be good to explain the Linux/BSD situation in a little more detail. In particular, while it inherits trust store updates from the OS, currently these are only configured on program startup, so in its current state on Linux/BSD the platform verifier ends up being the same as just using rustls-native-certs directly AFAICT.
Also it might be good to talk about scenarios where the use of webpki-roots could make sense, for example in applications that are (a) deployed frequently in (b) minimal containers.
ctz
left a comment
Thanks for writing this down. Once we land this, I think we can delete https://github.com/rustls/rustls-native-certs/?tab=readme-ov-file#should-i-use-this-or-webpki-roots and refer to this as a single source.
cpu
left a comment
This is great, thank you! I had a handful of comments but don't consider any of them blocking. Feel free to disregard if you think I'm barking up the wrong tree on any of my points.
djc
left a comment
This looks good to me, thanks for the updates!
cpu
left a comment
Thanks! Updates look good. There are still a couple open discussion threads but whether or not they're resolved I think this is a great improvement. Happy for it to land as-is if you disagree with my remaining items.
I believe I've now addressed all the remaining feedback from today. Please take a final look when available.
cpu
left a comment
Thanks again for taking all of our feedback into consideration.
Of course, and I appreciate the thorough review to make sure the first version of this is high-quality.
I've started that work in this PR.
I think it's also time for a release in this crate, right?
This PR adds documentation and more explicit recommendations to the README of the crate to support its preferred use in the Rust app and library ecosystem. This has been a WIP stash for a pretty long time (since this old Discord conversation) and I've really been wanting to finish it out for several reasons.
These changes also include noting tradeoffs that rustls users might need to consider when doing something different to show supporting evidence.