crypto/x509: add CertPool.Clone #35044
Labels
FrozenDueToAge
Proposal
Proposal-Accepted
Proposal-Crypto
Proposal related to crypto packages or other security issues
Proposal-FinalCommentPeriod
Milestone
Comments
dmitshur
added
the
NeedsInvestigation
FiloSottile
changed the title
FiloSottile
changed the title
FiloSottile
added
Proposal
Proposal-Crypto
|
@golang/proposal-review, this would be a good thing to land in Go 1.19 along with CertPool.Equal #46057 and it's pretty easy after the Go 1.18 changes. /cc @golang/security |
|
This proposal has been added to the active column of the proposals project |
|
Does anyone object to adding this? |
|
Based on the discussion above, this proposal seems like a likely accept. |
|
No change in consensus, so accepted. 🎉 |
rsc
changed the title
|
Change https://go.dev/cl/400175 mentions this issue: |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I have a program that creates a custom certificate pool in several steps, loading various certificates that have different levels of access to the resources in the program. I would like to use one of the earlier stages as a separate certificate pool to ensure that only certificates from that pool can access a particular port.
Unfortunately the best solution seems to be to load the certificates twice since there is no way to clone pools. I see this has been suggested a number of times before, although each time the particular application suggested has been solved by a different method. The code to do this is already there in the copy method: I'm just suggesting we upper-case it.
See the very closely related:
#24540
The text was updated successfully, but these errors were encountered: