Hello all,

On 11/25/2015 05:13 AM, Paul Millar wrote:
> I was wondering whether people have considered services running on
> a port other than port 443; in particular, ports greater than
> 1024.

I'm also somewhat concerned about this. I've read statements like this
when talking about port 443:

> ACME server needs some sort of assurance that the client controls
> the server.

But I don't really know why that is or should be the case at all?
Certs aren't really issued to the machine, but rather to any service
on any port.  There are countless services that run over TLS: IRC
generally on 6697/7000/9999, XMPP on 5223, imaps, smtps, pops etc etc etc.

Why shouldn't the client simply be able to tell the ACME server what
port to test, and the ACME server assume if the client has access to
ANY port on the server then it should be able to host ANY TLS service
on that server?

Thanks,
moparisthebest

_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme