> On Jan 20, 2020, at 10:44 AM, Daniel McCarney wrote:
>
> I thought that was the reason why ACME limits wildcard authz to DNS.
>
> I don't think RFC 8555 imposes any restrictions on what challenge types can
> be used for wildcard identifiers. Limiting wildcard DNS identifiers to the
>
>
> I thought that was the reason why ACME limits wildcard authz to DNS.
I don't think RFC 8555 imposes any restrictions on what challenge types can
be used for wildcard identifiers. Limiting wildcard DNS identifiers to the
DNS-01 challenge is a policy decision by Let's Encrypt.
On Mon, Jan
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Automated Certificate Management Environment
WG of the IETF.
Title : ACME Integrations
Authors : Owen Friel
Richard
Will this document eventually also describe subdomain authz via the standard
ACME workflow?
Examples:
1) Client wants a certificate for example.com & www.example.com. Ideally, if
the client authzs example.com, then authz for www.example.com shouldn’t be
necessary.
2) Now client also wants a
FYI, https://tools.ietf.org/html/draft-friel-acme-subdomains-01 documents the
proposed new authorization object field "basedomain"
> -Original Message-
> From: Acme On Behalf Of Owen Friel (ofriel)
> Sent: 06 December 2019 15:41
> To: Salz, Rich ; acme@ietf.org
> Subject: [Acme] ACME