On Tue, May 30, 2017 at 11:49:43AM -0400, Richard Barnes wrote:
> That just argues for adding an "https-06" (which is always HTTPS) to go
> alongside "http-01" (which is always HTTP).

One idea would be to require matching SAN in certificate (but not trusted signer nor in-validity-window). That is required anyway for HTTPS site selection on webservers to operate sanely. Lack of trusted signer requirement allows using self-signed certs for the initial validation and lack of in-validity-window allows renewing an expired certificate.

However, that wouldn't fix the issues if the host lets one upload arbitrary certificates for one's vhost (however, if one can do that, then even TLS-SNI-02 is vulnerable).

-Ilari

_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
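
The check proposed in this message, as an added example that is not part of the original thread or of any ACME draft: accept the certificate presented during validation when its SAN carries the identifier, regardless of signer or validity window. The function names, the exact-match-only rule (no wildcards) and the sample certificates are assumptions; the record layout mirrors what Python's `ssl.SSLSocket.getpeercert()` returns.

```python
# Added illustration of the "matching SAN, any signer, any validity" policy.
# All certificate records below are constructed samples.

def _norm(name):
    """Lower-case a DNS name and drop one trailing dot."""
    name = name.lower()
    return name[:-1] if name.endswith(".") else name

def san_dns_names(cert):
    """Return the DNS-type subjectAltName entries, normalised."""
    return {_norm(v) for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"}

def challenge_cert_ok(cert, identifier):
    """True when the certificate's SAN contains the identifier being validated.

    Deliberately NOT checked: issuer / trust chain (self-signed is accepted)
    and notBefore / notAfter (an expired certificate is accepted).
    Assumption: exact-name match only; a wildcard SAN does not count.
    """
    return _norm(identifier) in san_dns_names(cert)

# Expired and self-signed, but it names the host: accepted.
EXPIRED_SELF_SIGNED = {
    "subject": ((("commonName", "shop.example"),),),
    "issuer": ((("commonName", "shop.example"),),),
    "notBefore": "Jan  1 00:00:00 2016 GMT",
    "notAfter": "Jan  1 00:00:00 2017 GMT",
    "subjectAltName": (("DNS", "shop.example"), ("DNS", "www.shop.example")),
}

# What a shared server presents when it has no vhost for the name: rejected.
DEFAULT_VHOST = {
    "subject": ((("commonName", "default.hosting.example"),),),
    "issuer": ((("commonName", "Constructed Test CA"),),),
    "notBefore": "Jan  1 00:00:00 2017 GMT",
    "notAfter": "Jan  1 00:00:00 2018 GMT",
    "subjectAltName": (("DNS", "default.hosting.example"),),
}

# Wildcard only: rejected under the exact-match assumption.
WILDCARD_ONLY = {"subjectAltName": (("DNS", "*.shop.example"),)}

if __name__ == "__main__":
    for label, cert in [("expired self-signed", EXPIRED_SELF_SIGNED),
                        ("default vhost", DEFAULT_VHOST),
                        ("wildcard only", WILDCARD_ONLY)]:
        print(label, challenge_cert_ok(cert, "shop.example"))
```

The check only establishes that the server selected a certificate naming the identifier; as the message notes, it says nothing about who installed that certificate on the host.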
