cURL / Mailing Lists / curl-library / Single Mail


Re: mk-ca-bundle: certdata.txt pulled from soon to be EOL URL

From: Daniel Stenberg <>
Date: Wed, 23 Jul 2014 23:39:25 +0200 (CEST)

On Thu, 10 Jul 2014, Ed Morley wrote:

> I was putting together a patch to switch the URLs to ones
> like [1]:

Thanks for your attention on this and work here!

> However upon testing it became apparent that hgweb [2] doesn't output (or
> use) Last-Modified headers, and only understands ETag [3].

Does it really understand ETag? I was thinking we could just record the ETag
into the generated file and use that in subsequent checks to avoid resending
the same response, but my manual tests with If-None-Match: always make the
server send back the full thing with a new ETag...

> Some options:
> 1) File an upstream Mercurial bug to add Last-Modified headers & then pester
> Mozilla server ops to update the Hg version used to serve

Not only adding that header, but also supporting If-Modified-Since...

> 2) Forget about checking for last modified and just use the current time in
> the comment header for the generated file.

I don't think that works. The hg server seems to give a new time in each

> 3) Fetch certdata.txt again and compare to the old file locally, and either
> use the current datetime for the comment header or else some other
> identifier (eg Mercurial SHA current on that repo's tip).
> #1 seems like the superior option, however it might be a bit of an uphill
> struggle gaining interest/acceptance upstream.

Yeah, and as it would potentially take a lot of time, I would say that
implementing #3 for the short term is necessary anyway.

> [1] Ideally I would switch these to HTTPS, however this was tried before
> (with MXR at least) and reverted due to issues with LWP and HTTPS:

I'm not opposed taking another shot at that! I could also consider using plain
curl to get the file over HTTPS, possibly as a backup if LWP would fail like
it did back then.

List admin:
Received on 2014-07-23