)]}'
{"zones/opendev.org/zone.db":[{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"f96cf0fdd6618bcc898fc55f68157b519ba3bfaf","unresolved":false,"context_lines":[{"line_number":169,"context_line":""},{"line_number":170,"context_line":"review01\t\tIN\tA\t104.130.246.32"},{"line_number":171,"context_line":"review01\t\tIN\tAAAA\t2001:4800:7819:103:be76:4eff:fe04:9229"},{"line_number":172,"context_line":"review01\t\t\tIN\tCAA\t0\tissue\t\"letsencrypt.org\""},{"line_number":173,"context_line":"review01\t\t\tIN\tCAA\t0\tiodef\t\"mailto:infra-root@openstack.org\""},{"line_number":174,"context_line":"review\t\t\tIN\tCNAME\treview01"},{"line_number":175,"context_line":"_acme-challenge.review\t\tIN\tCNAME\tacme.opendev.org."}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3fa7e38b_9e97589c","line":172,"updated":"2020-02-05 16:11:57.000000000","message":"I don\u0027t think it\u0027s safe to add this yet, since review.opendev.org is a CNAME to this name and the production cert is not yet issued by letsencrypt.org.","commit_id":"0fc5bec97630938a7a41cdb16840abbd40ffa319"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"f41b515d29a4b03915ae4a3ad43358cbae2c0255","unresolved":false,"context_lines":[{"line_number":169,"context_line":""},{"line_number":170,"context_line":"review01\t\tIN\tA\t104.130.246.32"},{"line_number":171,"context_line":"review01\t\tIN\tAAAA\t2001:4800:7819:103:be76:4eff:fe04:9229"},{"line_number":172,"context_line":"review01\t\t\tIN\tCAA\t0\tissue\t\"letsencrypt.org\""},{"line_number":173,"context_line":"review01\t\t\tIN\tCAA\t0\tiodef\t\"mailto:infra-root@openstack.org\""},{"line_number":174,"context_line":"review\t\t\tIN\tCNAME\treview01"},{"line_number":175,"context_line":"_acme-challenge.review\t\tIN\tCNAME\tacme.opendev.org."}],"source_content_type":"application/octet-stream","patch_set":1,"id":"3fa7e38b_7ecb7ca6","line":172,"updated":"2020-02-05 16:16:53.000000000","message":"On second thought, this isn\u0027t something a browser will check (unlike cert pinning), so as long as we don\u0027t intend to get a subsequent cert for review.o.o issued by someone other than letsencrypt.org this is probably fine to add up front.","commit_id":"0fc5bec97630938a7a41cdb16840abbd40ffa319"}]}