diff options
author | Jan Pokorný <jpokorny@redhat.com> | 2013-10-17 22:37:06 +0200 |
---|---|---|
committer | Jan Pokorný <jpokorny@redhat.com> | 2013-10-17 22:37:06 +0200 |
commit | 218ab1a67ae7746f9aac00b613c7b5ea51e2f0fe (patch) | |
tree | 4d73f0e6625d57edfb914cfe53e4167cfa83d98c /scripts/certs | |
parent | ce1601263f27936a263e6eadffa3fa069075e20e (diff) | |
download | dotfiles-218ab1a67ae7746f9aac00b613c7b5ea51e2f0fe.tar.gz dotfiles-218ab1a67ae7746f9aac00b613c7b5ea51e2f0fe.tar.xz dotfiles-218ab1a67ae7746f9aac00b613c7b5ea51e2f0fe.zip |
Cert scripts: add some TODO notes
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
Diffstat (limited to 'scripts/certs')
-rwxr-xr-x | scripts/certs/cert-check | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/scripts/certs/cert-check b/scripts/certs/cert-check index d4dbe5b..d349933 100755 --- a/scripts/certs/cert-check +++ b/scripts/certs/cert-check @@ -15,6 +15,22 @@ # generally, there is a race between the two?) # - wget vs. certificates? switch to curl? # - remove unneeded subshells? ( '()' -> '{}' ) +# - slowly getting worse and worse, needs some refreshment and unification +# -> the only exchange encoding is PEM +# - can be combined with DER in one stream thanks to sed ranges filtering +# whereas corresponding PEM can be appended after this DER so we +# we can be sure the stream contains, perhaps interleaved, +# an expected PEM instance +# -> through away the trust in CA_BUNDLE completely? +# -> better decomposition/DRY +# - awk invocations, etc. +# -> nicer "functional approach" (more pipes, less files [persisted state]) +# - flock can be handy (see the other project of mine) +# -> wider goals: mapping of certain cert chains (download locations, etc.) +# -> migrate to other language? (but why) +# +# related references: +# - http://curl.haxx.se/docs/caextract.html # - p7s: https://lists.fedoraproject.org/pipermail/devel/2013-February/178272.html : ${HOMEBUNDLE:=} |