Hello Frederik, On 01/29/2016 08:47 AM, Frederik Braun wrote: > I'm concerned that an attacker might request > _acme-challenge.dyndns.example and get a valid certificate for > dyndns.example.
Does there exist a dynamic DNS service that allows setting TXT records? I've never seen one. Also this can also be easily mitigated by them just disallowing the _acme-challenge subdomain similar to the way they probably all disallow www. Thanks, moparisthebest _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
