On Sat, Oct 26, 2019 at 10:44 AM Adam D. Barratt <a...@adam-barratt.org.uk> wrote: > I've included a draft for an SUA below; comments welcome.
The draft looks good. I've included a couple of minor tweaks, just to help indicate to users that there may be an operational impact, not just broken tests in a CI system somewhere. Other than that, +1, it's ready to ship! -- Harlan Lieberman-Berg ~hlieberman
--- old.txt 2019-10-27 11:50:56.226063124 -0400 +++ new.txt 2019-10-27 11:53:02.668777460 -0400 @@ -11,12 +11,12 @@ python-acme is part of an implementation of the ACME protocol, as used by the Let's Encrypt certification authority to issue TLS certificates. -The ACME protocol has deprecated support for the use of unauthenicated +The ACME protocol has deprecated support for the use of unauthenticated GET requests in favour of authenticated POST requests. On November 1st, Let's Encrypt's staging ACME v2 endpoint will stop supporting the older protocol, with the production endpoint following at a later point. The staging endpoint is used by applications such as certbot in order to -perform tests before issuing a certificate. +perform tests, including when testing renewals with `--dry-run`. This update moves python-acme to use the newer protocol.