On 13 May 2015 at 15:59, Ted Hardie <[email protected]> wrote: > "ACME certificate management must provide automated methods for revocation > parallel to those use to request a certificate"?
I think that you might find the discussions on revocation on the (proposed) acme spec enlightening here. I believe that there are several ways in which authorization might be determined: if you were the one to originally request the certificate, if you have the private key for that certificate, and some other mix of factors whereby those two parties signal that they have delegated this authority to you. That's why I favour the more general wording chosen; even if it is technically different. It does potentially create a more complex protocol, but this allows the working group to make that choice, rather than baking it into the charter. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
