Hi there,
In the following context speaking of "ACME" means any able ACME server
integration (but first and foremost Let's Encrypt).
We're a web hosting company interested in providing our customers with a
one-click Let's Encrypt / ACME solution. Since we're in control of the
web server, customer data and DNS we can present the user with the TOS
and do all the other stuff automatically afterwards.
So far this whole ACME thing sounds awesome and we've started
implementing the auth challenge workflow successfully.
But:
We as a hosting company will have to integrate / recover ACME accounts
into our infrastructure to communicate with their respective ACME
accounts. This presents us with the following issues:
- How would a customer transfer his / her ACME account including all
certificates if (s)he wants to move from another hoster to us? What's
the general plan for ACME account transfers here?
- How does a customer transfer a certificate / general ACME resource
from one ACME account to another?
- How is it possible to have an ACME account and using a couple
different hosting providers with the same one if you'd always have to
regenerate a key pair and recover the account after switching hosters?
- How will payment be handled in the future if an existing cert provider
implements ACME?
- Is it correct that in the future working with multiple ACME providers
will mean working with multiple account key pairs / ID's etc.?
So in short: as long as an existing customer of ours does not possess an
ACME account yet we're fine and dandy. The problem arises with longer
term considerations and migration / mutation processes regarding
existing ACME accounts.
--
Freundliche Grüsse
Christian Gartmann
Developer
--
cyon GmbH, Aeschengraben 6, CH – 4051 Basel
Hotline: +41 800 840 840
https://www.cyon.ch
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
