I've read the document and have a few questions. In section 5 we say "A CA offering certificates to ".onion" Special-Use Domain Names SHOULD strongly consider making their ACME server available as a Tor hidden services." I think this sentence is a misuse of BCP 14 language, and "RECOMMENDED" is the right one to use here as something a step down from should.
Section 3.1.2 says that there are modifications to the http-01 challenge, but I'm not sure what they are. Then in Section 8 we learn the challenge would fail. I'm a bit confused what is intended here. I think what's supposed to happen is there is text spelling out that http-01 is an instance of methods described in the BR 3.2.2.4.18 (https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1.pdf), and that now the CA goes and resolves the .onion, but I missed where this got spelled out. Maybe it's a matter of a missing reference in 3.1.2, although I think some text is needed.

Sincerely,
Watson Ladd

--
Astra mortemque praestare gradatim
