Hi,

Reading the ACME 02 draft, I have a concern regarding the identifier authorization lifetime.

Given a compromised TLS server, the attacker can solve an ACME challenge and be authorized for the host's name. This authorization can then be used to obtain valid certificates, even after the intrusion has been stopped, for as long as the authorization is valid (ten months in Boulder). This risk comes in addition to common DV exposure and is present for (almost) any TLS server, not only the ones using ACME.

If the above holds, it would appear beneficial if the authorization was valid only briefly: as long as it takes to obtain the desired certificates. Is there a reason to allow the long lifetimes?

Thanks!
