Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client

[Harlan Lieberman-Berg]

Jeremías Casteglione  writes:
> I just subscribed to the mailing list and requested to join the
> project... Not sure how I/We should continue then?

I've made a repository for you for acme-tiny under the team project.
You should be able to commit to it:

https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=letsencrypt/acme-tiny.git;a=summary

If you have any problems, let us know; the permissions might not be
exactly correct yet.

Sincerely,
-- 
Harlan Lieberman-Berg
~hlieberman

Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client

[Jeremías Casteglione]

Hi Harlan:

On Sat, 20 Feb 2016 23:56:20 -0500
Harlan Lieberman-Berg  wrote:

> Hello Jeremías!
> 
> This is something I'd definitely be interested in seeing as part of
> the Let's Encrypt team.  We can help you with sponsorship as well.

That sounds great to me. Thanks!

> 
> We're over at: https://alioth.debian.org/projects/letsencrypt/

I just subscribed to the mailing list and requested to join the
project... Not sure how I/We should continue then?

Cheers,


-- 
Jeremías

Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client

[Michael Büsch]

On Fri, 19 Feb 2016 21:38:44 -0300
Jeremías Casteglione  wrote:

> Package: wnpp
> Severity: wishlist
> Owner: "Jeremías Casteglione" 
> 
> * Package name: acme-tiny
>   Version : 20151229
>   Upstream Author : Daniel Roesler 
> * URL : https://github.com/diafygi/acme-tiny
> * License : MIT
>   Programming Lang: Python
>   Description : letsencrypt tiny python client
> 
> acme-tiny is a tiny script to issue and renew TLS certs from Let's Encrypt


>PLEASE READ THE SOURCE CODE!

Ok. :)

The error handling in the whole script but especially in the
wellknown-file writing section is a bit lacking. It can easily happen
that a wellknown file is left in place, if some exception happens. Or
even in the common path where the validation did not pass.

Also I don't like the part where it does urlopen(challenge['uri'])
This essentially opens any url, that can even be a local file, that the
remote end said it wants to open. I think the uri should be validated
before being passed to urlopen(). The connection the 'challenge' was
retrieved through is https, but we'd still have to trust the other end
not sending us funky uris.

And I'm not sure about the github fork network. There seem to be forks
that added major stuff to the code and also (from a quick look)
addressed the exception bug from above.


-- 
Michael


pgpuIUiBScco9.pgp
Description: OpenPGP digital signature

Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client

[Harlan Lieberman-Berg]

Hello Jeremías!

This is something I'd definitely be interested in seeing as part of the
Let's Encrypt team.  We can help you with sponsorship as well.

We're over at: https://alioth.debian.org/projects/letsencrypt/

Sincerely,
-- 
Harlan Lieberman-Berg
~hlieberman

Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client

[Jeremías Casteglione]

Package: wnpp
Severity: wishlist
Owner: "Jeremías Casteglione" 

* Package name: acme-tiny
  Version : 20151229
  Upstream Author : Daniel Roesler 
* URL : https://github.com/diafygi/acme-tiny
* License : MIT
  Programming Lang: Python
  Description : letsencrypt tiny python client

acme-tiny is a tiny script to issue and renew TLS certs from Let's Encrypt

This is a tiny, auditable script that you can throw on your server to issue and
renew Let's Encrypt certificates. Since it has to be run on your server and
have access to your private Let's Encrypt account key, I tried to make it as
tiny as possible (currently less than 200 lines). The only prerequisites are
python and openssl.

You have to deal yourself wiht the openssl stuff, and with webserver
configuration and such. But it doesn't require more dependencies than openssl
and it just works, no need for sudo nor being root to run it either. I'm using
it for my personal TLS stuff.

I'm not a DD nor a DM either, so an sponsor will be needed.