ureq uses webpki-roots as the default list of trusted https certificates to reduce the number of dependencies that ureq relies on by default.
The rustls discord suggested that bevy instead makes use of rustls-platform-verifier which uses the OS's list of trusted TLS certificated. This is the default behaviour of most applications because relying on a static list of root certificates puts the onus on the application developer to regularly keep the certificates up to date otherwise the app can become insecure and incompatible with the internet. See here for more info on rustls-platform-verifier vs webpki-roots.
Implementing this would be very straightforward but making it customisable would require more design (if its enabled by default then how would someone exclude rustls-platform-verifier as a feature and how would this fit in with exposing more of ureq's options in a cross-platform compatible way).
Additional context
This only applies to ureq so this issue doesn't affect wasm.
ureq uses
webpki-rootsas the default list of trusted https certificates to reduce the number of dependencies that ureq relies on by default.The rustls discord suggested that bevy instead makes use of
rustls-platform-verifierwhich uses the OS's list of trusted TLS certificated. This is the default behaviour of most applications because relying on a static list of root certificates puts the onus on the application developer to regularly keep the certificates up to date otherwise the app can become insecure and incompatible with the internet. See here for more info onrustls-platform-verifiervswebpki-roots.Implementing this would be very straightforward but making it customisable would require more design (if its enabled by default then how would someone exclude rustls-platform-verifier as a feature and how would this fit in with exposing more of ureq's options in a cross-platform compatible way).
Additional context
This only applies to ureq so this issue doesn't affect wasm.