On Wed, Dec 2, 2015 at 8:52 AM, Salz, Rich <rs...@akamai.com> wrote:

> > Otherwise there's no difference between 443 and any other privileged port.
>
> What's a privileged port? :) Clearly it's a local construct, at best.
>

Under the name "system port" or "well-known port", it's been defined in IANA-related RFCs for a long time; the current one is RFC 6335/BCP 165. The baseline expectation is that both a local system administrator and remote parties know what service is running on a specific well-known port because the port number is conventionally bound to that service. If you are the administrator, you can, of course, ignore the convention.

Speaking personally, I think the bar we're aiming for is that any challenge should demonstrate effective control of the system currently bound to the DNS name at issue or effective control of the DNS. Dynamic ports clearly don't do that, and not all system ports do either (the experimental ports clearly wouldn't). To get agreement that a specific challenge does do that, we kind of have to have it written down and poked at; trying to reason about the set in the abstract doesn't appear to me to be worth it.

No hats,

Ted

> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>