On Apr 22, 2015 4:09 PM, "Ted Hardie" <ted.i...@gmail.com> wrote:
>
> Forgive the top posting, but I want to be sure I understand something. If the client specifies a port that is below 1024 but canonically used for something else, what is the specified behavior? My reading of the thread so far is that the server would expect to run ACME over it, even if it were specified for, say, LDAP (389).
>
> Is that what folks expect?

Just to get this on the record, I think that we should have some advice that suggests a set of ports (other than 1024+) that are off-limits. I note that browsers are unwilling to connect to certain ports because of the concerns you allude to; we can recommend that the CA policy do the same (and be advised by the experience of browsers here). 389 is on that list, 25 probably too. I can try to find the list that Firefox uses if people think that is good advice to include.

_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme