Internally at LE we have been having discussions around how the spec can most effectively reduce the harm of account key compromise and it seems like it could be a good topic to bring up at the upcoming IETF meeting.

We've come up with two distinct but not mutually exclusive ideas on this topic:

* Deactivating authorizations on key roll-over, summarized here: https://www.ietf.org/mail-archive/web/acme/current/msg01747.html
* Only allowing a single valid authorization per name to exist at the same time, summarized here: https://www.ietf.org/mail-archive/web/acme/current/msg01661.html

Both of these proposals would be relatively large changes to the current flow and introduce certain issues for both individual users and large service integrators and could definitely use some public discussion before the spec is finalized. It would also be good to hear if there are any other thoughts from other implementors/contributors as to how we can best reduce the damage done by key compromise in general.

--
Roland Bracewell Shoemaker
Software Engineer
Linux Foundation / Internet Security Research Group
