Skip to content

Commit

Permalink
lib: recommend platform verifier instead of native-certs
Browse files Browse the repository at this point in the history
Now that the platform verifier is available, point to that crate instead
of the native certs crate. The platform verifier README already touches
on native certs (and why the platform verifier is a better choice).
  • Loading branch information
cpu committed Feb 2, 2024
1 parent 341d0b5 commit 84ec9d6
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 4 deletions.
7 changes: 5 additions & 2 deletions webpki-roots/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,11 @@
//!
//! This library is suitable for use in applications that can always be recompiled and instantly deployed.
//! For applications that are deployed to end-users and cannot be recompiled, or which need certification
//! before deployment, consider a library that loads certificates at runtime, like
//! [rustls-native-certs](https://docs.rs/rustls-native-certs).
//! before deployment, consider a library that uses the platform native certificate verifier such as
//! [rustls-platform-verifier]. This has the additional benefit of supporting OS provided CA constraints
//! and revocation data.
//!
//! [rustls-platform-verifier]: https://docs.rs/rustls-platform-verifier
//
// This library is automatically generated from the Mozilla
// IncludedCACertificateReportPEMCSV report via ccadb.org. Don't edit it.
Expand Down
7 changes: 5 additions & 2 deletions webpki-roots/tests/codegen.rs
Original file line number Diff line number Diff line change
Expand Up @@ -147,8 +147,11 @@ const HEADER: &str = r#"//! A compiled-in copy of the root certificates trusted
//!
//! This library is suitable for use in applications that can always be recompiled and instantly deployed.
//! For applications that are deployed to end-users and cannot be recompiled, or which need certification
//! before deployment, consider a library that loads certificates at runtime, like
//! [rustls-native-certs](https://docs.rs/rustls-native-certs).
//! before deployment, consider a library that uses the platform native certificate verifier such as
//! [rustls-platform-verifier]. This has the additional benefit of supporting OS provided CA constraints
//! and revocation data.
//!
//! [rustls-platform-verifier]: https://docs.rs/rustls-platform-verifier
//
// This library is automatically generated from the Mozilla
// IncludedCACertificateReportPEMCSV report via ccadb.org. Don't edit it.
Expand Down

0 comments on commit 84ec9d6

Please sign in to comment.