Anders Rundgren <anders.rundgren....@gmail.com> wrote:
> In Open Banking, service providers (TPPs) are equipped with TLS client
> certificates as well as signature certificates. Currently the
> certificates (including associated private keys), are distributed by
> the CA as encrypted files. This makes updates fairly difficult and not
> entirely compatible with the highly regulated nature of these
> providers.
Who is responsible for renewing the certificates?
Is it the end clients, or the CA?
I don't really see the problem.
I am also not sure, if the certificates and private keys are managed by the
CA, why ACME necessary. It could be used, but it doesn't seem needed.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
