Skip to content

doc: change tools.ietf.org references to official rfc-editor.org, use https #495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
djc merged 1 commit into from
May 23, 2026
Merged

doc: change tools.ietf.org references to official rfc-editor.org, use https #495

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/cert.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -292,7 +292,7 @@ fn version3(input: &mut untrusted::Reader<'_>) -> Result<(), Error> {
pub(crate) fn lenient_certificate_serial_number<'a>(
input: &mut untrusted::Reader<'a>,
) -> Result<untrusted::Input<'a>, Error> {
// https://tools.ietf.org/html/rfc5280#section-4.1.2.2:
// https://www.rfc-editor.org/info/rfc5280/#section-4.1.2.2:
// * Conforming CAs MUST NOT use serialNumber values longer than 20 octets."
// * "The serial number MUST be a positive integer [...]"
//
Expand Down
6 changes: 3 additions & 3 deletions src/subject_name/dns_name.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,8 +76,8 @@ pub(crate) fn verify_dns_names(reference: &DnsName<'_>, cert: &Cert<'_>) -> Resu
/// `<x>*<y>.<DNSID>`, where `<x>` and/or `<y>` may be empty, we follow a stricter policy common
/// to most validation libraries (e.g. NSS) and only accept wildcard labels that are exactly `*`.
///
/// [RFC 5280 Section 7.2]: https://tools.ietf.org/html/rfc5280#section-7.2
/// [RFC 6125 Section 4.1]: https://www.rfc-editor.org/rfc/rfc6125#section-4.1
/// [RFC 5280 Section 7.2]: https://www.rfc-editor.org/info/rfc5280/#section-7.2
/// [RFC 6125 Section 4.1]: https://www.rfc-editor.org/info/rfc6125/#section-4.1
#[derive(Clone, Copy, Eq, PartialEq, Hash)]
pub(crate) struct WildcardDnsNameRef<'a>(&'a [u8]);

Expand Down Expand Up @@ -387,7 +387,7 @@ pub(super) enum IdRole {
NameConstraint(Subtrees),
}

// https://tools.ietf.org/html/rfc5280#section-4.2.1.6:
// https://www.rfc-editor.org/info/rfc5280/#section-4.2.1.6:
//
// When the subjectAltName extension contains a domain name system
// label, the domain name MUST be stored in the dNSName (an IA5String).
Expand Down
4 changes: 2 additions & 2 deletions src/subject_name/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ pub(crate) use dns_name::{WildcardDnsNameRef, verify_dns_names};
mod ip_address;
pub(crate) use ip_address::verify_ip_address_names;

// https://tools.ietf.org/html/rfc5280#section-4.2.1.10
// https://www.rfc-editor.org/info/rfc5280/#section-4.2.1.10
pub(crate) fn check_name_constraints(
constraints: Option<&mut untrusted::Reader<'_>>,
path: &PathNode<'_>,
Expand Down Expand Up @@ -113,7 +113,7 @@ fn check_presented_id_conforms_to_constraints(
return Some(Err(e));
}

// http://tools.ietf.org/html/rfc5280#section-4.2.1.10: "Within this
// https://www.rfc-editor.org/info/rfc5280/#section-4.2.1.10: "Within this
// profile, the minimum and maximum fields are not used with any name
// forms, thus, the minimum MUST be zero, and maximum MUST be absent."
//
Expand Down
2 changes: 1 addition & 1 deletion src/trust_anchor.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ pub fn spki_for_anchor(anchor: &TrustAnchor<'_>) -> SubjectPublicKeyInfoDer<'sta
fn extract_trust_anchor_from_v1_cert_der(
cert_der: untrusted::Input<'_>,
) -> Result<TrustAnchor<'_>, Error> {
// X.509 Certificate: https://tools.ietf.org/html/rfc5280#section-4.1.
// X.509 Certificate: https://www.rfc-editor.org/info/rfc5280/#section-4.1.
cert_der.read_all(Error::BadDer, |cert_der| {
der::nested(
cert_der,
Expand Down
6 changes: 3 additions & 3 deletions src/verify_cert.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -454,7 +454,7 @@ fn check_eku(
}
}

// https://tools.ietf.org/html/rfc5280#section-4.1.2.5
// https://www.rfc-editor.org/info/rfc5280/#section-4.1.2.5
fn check_validity(input: &mut untrusted::Reader<'_>, time: UnixTime) -> Result<(), Error> {
let not_before = UnixTime::from_der(input)?;
let not_after = UnixTime::from_der(input)?;
Expand All @@ -476,7 +476,7 @@ fn check_validity(input: &mut untrusted::Reader<'_>, time: UnixTime) -> Result<(
Ok(())
}

// https://tools.ietf.org/html/rfc5280#section-4.2.1.9
// https://www.rfc-editor.org/info/rfc5280/#section-4.2.1.9
fn check_basic_constraints(
input: Option<&mut untrusted::Reader<'_>>,
role: Role,
Expand Down Expand Up @@ -624,7 +624,7 @@ impl ExtendedKeyUsage {
}

impl ExtendedKeyUsageValidator for ExtendedKeyUsage {
// https://tools.ietf.org/html/rfc5280#section-4.2.1.12
// https://www.rfc-editor.org/info/rfc5280/#section-4.2.1.12
fn validate(&self, iter: KeyPurposeIdIter<'_, '_>) -> Result<(), Error> {
let mut empty = true;
#[cfg(feature = "alloc")]
Expand Down