I think #420 is a good addition and is worth merging once Martin Thomson's
review feedback is addressed.

Thanks Richard, Tim.


On Wed, Apr 11, 2018 at 6:04 PM, Jacob Hoffman-Andrews <j...@eff.org> wrote:

> I agree, these seem worth merging.
>
> On 04/11/2018 01:56 PM, Richard Barnes wrote:
>
> Here's a quick PR implementing Tim's proposed changes.
>
> https://github.com/ietf-wg-acme/acme/pull/420
>
> Personally, these seem fine to me.  I would be in favor of merging the PR.
>
>
> On Wed, Apr 11, 2018 at 4:41 PM, Tim Hollebeek <tim.holleb...@digicert.com
> > wrote:
>
>>
>> I think the draft is in very good shape.
>>
>> Unfortunately I didn't have as much time to go through it as I would have
>> liked, but I did find two things that are probably worth fixing:
>>
>> 1. "ACME clients SHOULD send a User-Agent header"
>>
>> I think there's no value in omitting it, so it should be changed to a
>> MUST.
>>
>> 2. Using the same key pair for both the account key pair and the
>> certificate
>> key pair is a really bad idea.
>>
>> This should either be mentioned in the Operational Considerations, or
>> banned
>> outright.
>>
>> -Tim
>>
>>
>> _______________________________________________
>> Acme mailing list
>> Acme@ietf.org
>> https://www.ietf.org/mailman/listinfo/acme
>>
>>
>
>
> _______________________________________________
> Acme mailing listAcme@ietf.orghttps://www.ietf.org/mailman/listinfo/acme
>
>
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>
>
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme

Reply via email to