Am 02.09.2016 um 16:49 schrieb Leo Famulari:

+    (name "acme-client")

I strongly suggest using a different name, as this is *one* of many implementations and it is not the "official" one.

+    (synopsis "Let's Encrypt client")

The synopsis should already state, this is *one* of the acme-clients. Something like "Let's Encrypt client used as standard at OpenBSD" is more meaningful.

+    (description "acme-client is a Let's Encrypt client implemented in C.  It
+uses a modular design, and attempts to secure itself by dropping privileges and

*shiver* Why would one implement this in an language like C, which is prone to buffer overflows, if there are implementations available in more secure languages?

--
Schönen Gruß
Hartmut Goebel
Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer
Information Security Management, Security Governance, Secure Software Development

Goebel Consult, Landshut
http://www.goebel-consult.de

Blog: http://www.goebel-consult.de/blog/filmgesprach-zu-201ecitizenfour201c-in-herrsching
Kolumne: http://www.cissp-gefluester.de/2010-06-adobe-und-der-maiszunsler