Sean,
Thank you for this review!
I'm preparing changes based on this feedback. For your #2 and #4 my
preference is to cite the IANA registry as the authority with RFC 9174 as
the secondary only because I want to treat RFC 9174 as an informative
reference. It certainly informs the use case of this
Stephen,
All of your interpretations look correct to me; thank you for this
insightful review!
I can add a paragraph to Section 1.1 "Scope" explaining what the experiment
actually is and what it is not. I agree that the ACME validation is the
well-understood portion and the utility of the
Hi! Glad the WG adopted this and am very supportive of this whole get a new
certificate before it expires (and don’t crush the CA while you do it)!
Just one thing I am trying to square away: second para of s5 motivates the
POST-as-GET to unauthenticated GET by saying the info isn’t
Hi! Some comments:
tl;dr: Let the experiment begin!
# General
I thought this document is well written and easy to follow.
# Nits
1) s1: s/certificate authorities/Certification Authorities (CAs)
2) s2: I think maybe you can drop the IANA-SMI reference here:
… identified by id-on-bundleEID
