On Mon, Dec 14, 2015 at 12:00 PM, Ilari Liusvaara <[email protected]> wrote: > On Mon, Dec 14, 2015 at 05:53:17PM +0100, Julian Dropmann wrote: >> > >This effectively means, as a domain zone admin, I have to trust every >> > single service I define, not just to properly deliver this service, but >> > also not to exploit his ability to obtain signed certificates in my name. >> > >> > Yes. >> >> >> And you are perfectly aware, that this was not the case before ACME-enabled >> CAs existed, and now applies to every single domain admin on this planet, >> right? > > I think there are non-ACME CAs that allow validation mechanism similar to > the HTTP validation (and where already before ACME ones came really > around).
https://buy.wosign.com/free > > > -Ilari > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
