Add deployment considerations section to README #142
Conversation
complexspaces
force-pushed
the
deployment-documentation
branch
from
2628a71 to
0155c04
Compare
There was a problem hiding this comment.
This is great!
I think it would be good to explain the Linux/BSD situation in a little more detail. In particular, while it inherits trust store updates from the OS, currently these are only configured on program startup, so in its current state on Linux/BSD the platform verifier ends up being the same as just using rustls-native-certs directly AFAICT.
Also it might be good to talk about scenarios where the use of webpki-roots could make sense, for example in applications that are (a) deployed frequently in (b) minimal containers.
There was a problem hiding this comment.
Thanks for writing this down. Once we land this, I think we can delete https://github.com/rustls/rustls-native-certs/?tab=readme-ov-file#should-i-use-this-or-webpki-roots and refer to this as a single source.
|
I believe I've now addressed all the remaining feedback from today. Please take a final look when available. |
|
Of course, and I appreciate the thorough review to make sure the first version of this is high-quality. |
I've started that work in this PR. |
|
I think it's also time for a release in this crate, right? |
This PR adds documentation and more explicit recommendations to the README of the crate to support its preferred use in the Rust app and library ecosystem. This has been a WIP stash for a pretty long time (since this old Discord conversation) and I've really been wanting to finish it out for several reasons.
These changes also include noting tradeoffs that
rustlsusers might need to consider when doing something different to show supporting evidence.