On Mon, Jul 13, 2015 at 3:39 AM, Reimer Karlsen-Masur, DFN-CERT <
[email protected]> wrote:
> Hi,
>
> I read the latest draft-barnes-acme-03.txt and have a question:
>
> Is there an option for the ACME server to "send" or provide the ACME client
> a file, e.g. a PDF document that contains an invoice, contract, form etc. I
> think this is not possible with the current draft ACME spec but I want to
> be
> sure that I have not overseen that option.
>
>
I understand that the ACME server could email such a file/document to the
> email address that is associated with the registration object, but that
> seems out of band to the ACME protocol and I'd like to avoid OoB
> communication.
>
>
The document currently has this text:
The ACME client periodically contacts the CA to get updated
certificates, stapled OCSP responses, or whatever else would be
required to keep the server functional and its credentials up-to-
date.
I suppose a bill or contract could fall under this rubric. That's a
pull-based, rather than push-based mechanism, though, and I'm not sure what
your actual requirements are, as the email mechanism looks to me like it
should work unless the client loses access to the email address (which
obviously has other problems).
Can you unpack your concern a bit? Do you need this to work before the
cert is issued so that receipt of payment is required before issuance, for
example? That's going to get complicated pretty fast, honestly, so I'm not
sure it would be in scope.
regards,
Ted
> Any insight is much appreciated, thanks,
>
> Reimer
>
>
>
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
>
>
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
