Here's a quick PR implementing Tim's proposed changes. https://github.com/ietf-wg-acme/acme/pull/420
Personally, these seem fine to me. I would be in favor of merging the PR. On Wed, Apr 11, 2018 at 4:41 PM, Tim Hollebeek <[email protected]> wrote: > > I think the draft is in very good shape. > > Unfortunately I didn't have as much time to go through it as I would have > liked, but I did find two things that are probably worth fixing: > > 1. "ACME clients SHOULD send a User-Agent header" > > I think there's no value in omitting it, so it should be changed to a MUST. > > 2. Using the same key pair for both the account key pair and the > certificate > key pair is a really bad idea. > > This should either be mentioned in the Operational Considerations, or > banned > outright. > > -Tim > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme > >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
