Isn't this precisely what .well-known was meant to address? Eliot
On 11/24/15 4:33 AM, Peter Eckersley wrote: > +1 on both Rich's request and the IANA suggestion. > > I think something that would help for this purpose would be an > Internet-wide zmap scan of some plausible ports, to ensure there isn't > anything in widespread use on them that could be a relevant attack > surface for the challenge protocols. > > Anyone interested in volunteering to do some scans? > > On Mon, Nov 23, 2015 at 09:52:07AM -0800, Martin Thomson wrote: >> Could we ask IANA for a reserved system port (<1024)? Then it would >> be possible for an ACME client to operate without disturbing running >> services. >> >> On 23 November 2015 at 08:55, Russ Housley <[email protected]> wrote: >>> Allowing the Web server to continue running on 443 while validation takes >>> place on another port seems like a straightforward resolution to the issue >>> that is raised. >>> >>> Russ >>> >>> >>> On Nov 21, 2015, at 1:03 PM, Salz, Rich wrote: >>> >>>> Please see here for the background: >>>> https://github.com/ietf-wg-acme/acme/issues/4 >>>> >>>> But discuss this on the mailing list. >>> _______________________________________________ >>> Acme mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/acme >> _______________________________________________ >> Acme mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/acme >>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
