Am 29.10.2017 um 19:02 schrieb [email protected]: > Title : Extensions to Automatic Certificate Management > Environment for end user S/MIME certificates > Author : Alexey Melnikov > Filename : draft-ietf-acme-email-smime-01.txt > Pages : 4 > Date : 2017-10-29
> The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-acme-email-smime/ Hello, I like to comment the questions (open issues section) 1. Do we need to handle text/html or multipart/alternative in email challenge? Simplicity suggests "no". I would vote for text/plain, but given the messages users send these days I expect many do not even know there is something other then text/html That may be a problem... 2. Do we need a proof that ACME client can submit email on behalf of the user, not just read the challenge using IMAP? Receiving a message is relevant if the certificates public key is used for encryption A submitted email mean the certificated private key is used for signing. Maybe that view help to answer the question (which I currently cannot :-/) Andreas _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
