> By issuing a single certificate with Subject Alternate Names to cover multiple
> domains, LetsEncrypt can leak the IP of an origin server that is behind a
> service such as Cloudflare. This increases the risk of DDOS attack.

LetsEncrypt isn't ACME.  ACME is an IETF protocol, based on the initial 
protocol that the LetsEncrypt organization is using.

If you are concerned about multiple SAN names leaking information, then don't 
request a SAN cert?

        /r$
--  
Senior Architect, Akamai Technologies
IM: [email protected] Twitter: RichSalz

_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
