-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Right now, most of ACME’s validation methods can only be used by clients with
IP addresses in A/ records corresponding to the identifier, as well as
specific open ports. This is perfectly acceptable for most use cases right now,
but it becomes
On Thu, Oct 27, 2022 at 11:44:29AM -0500, Jeremy Saklad wrote:
>
> Right now, most of ACME’s validation methods can only be used by
> clients with IP addresses in A/ records corresponding to the
> identifier, as well as specific open ports. This is perfectly
> acceptable for most use cases rig
On Fri, Oct 28, 2022, at 06:04, Ilari Liusvaara wrote:
> It looks like the proposed dns-account-01 method would be very useful
> here. The key problem of dns-01 here is that it only allows one
> persistent authorization, whereas dns-account-01 allows multiple.
So relying on another authorization i