advancedTLS: Swap to DenyUndetermined from AllowUndetermined in revocation settings #7179
Conversation
| @@ -61,8 +61,13 @@ type RevocationOptions struct { | |||
| // Directory format must match OpenSSL X509_LOOKUP_hash_dir(3). | |||
| // Deprecated: use CRLProvider instead. | |||
| RootDir string | |||
| // DenyUndetermined controls if certificate chains with RevocationUndetermined | |||
| // revocation status are allowed to complete. | |||
| DenyUndetermined bool | |||
There was a problem hiding this comment.
I'd prefer to keep the current 'positive boolean' approach, potentially with 'default true' mechanism like
`
type MyConfig struct {
AllowChanges bool
}
func NewMyConfig() MyConfig {
return MyConfig{
AllowChanges: true,
}
}`
Leaving it to you&Doug to decide.
There was a problem hiding this comment.
I don't like this because it requires adding a constructor layer for a relatively simple struct - in this case IMO the positive boolean approach isn't worth the complexity
@dfawley WDYT?
There was a problem hiding this comment.
Yeah there's unfortunately some conflict between having positive booleans and having default behavior = zero value.
Maybe DenyUndetermined is not too negative? It states what you will be doing, not what you will not be doing. Or we could go with something more verbose that removes the double-negative like RequireDetermined[Revocation]Status?
There was a problem hiding this comment.
BTW I'm fine either way. Another option could also be to replace with an "enum" (dumb Go doesn't actually have them, but):
type RevocationStatusRequirement int
const (
DenyUndetermined RevocationStatusRequirement = 0
AllowUndetermined
)(Names are just for illustrative purposes; probably pick better names.)
Swap
AllowUndeterminedtoDenyUndeterminedin our revocation settings.We want the default for this setting to be to allow
RevocationUndeterminedto pass revocation checks, so the boolean needs to beDenyUndetermined(default false) for this behavior.RELEASE NOTES: none