Yes. The real issue here is that the cert contains the hostname and not the port. And so running the test on a port other than 443 would provide for what amounts to a privilege escalation attack.
On 11/26/15 4:18 AM, Phillip Hallam-Baker wrote:

> I am getting really nervous about allowing any port other than 443.
>
> I just did a scan of a very recent clean install of Windows and there
> are a *TON* of Web servers running for apps that didn't mention they
> had one.
>
> The thing is that if I am running a process on any sort of shared
> host, I can pretty easily spawn a server and start applying for certs
> for other domains. Not only can I get .well-known, I can have any host
> name I like.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
