On 07/07/2017 12:35 PM, Richard Barnes wrote:
> Whether clients will notice depends on how we change the syntax to
> express the "binding". You seem to be assuming that we'll keep the
> syntax the same. That would mean that the server would note the
> keyAuthorization to be used with the
On Fri, Jul 7, 2017 at 2:06 PM, Jacob Hoffman-Andrews wrote:
> On 07/07/2017 06:42 AM, Richard Barnes wrote:
> > C) Instead of using *key* authorizations, use *account*
> > authorizations. Instead of the object being of "token.H(key)", make
> > it "token.H(account-url)".
> I like
On Thu, Jul 6, 2017 at 11:57 AM, Salz, Rich wrote:
> So let's see. Can we live with this?
>
> Create a spec-required registry for validation method names.
>
I share Hugo's concern about divergence here. Should we maybe just put
these in the ACME challenge types registry? It
>On Thu, Jul 6, 2017 at 11:57 AM, Salz, Rich <[1]rs...@akamai.com> wrote:
>
> So let's see. Can we live with this?
>
> Create a spec-required registry for validation method names.
>
>I share Hugo's concern about divergence here. Should we maybe just put
>these in the
> https://github.com/ietf-wg-acme/acme/pull/332
I like this. I proposed one minor wording clarification.
___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
On Fri, Jul 07, 2017 at 07:04:27AM +0200, Rene 'Renne' Bartsch, B.Sc.
Informatics wrote:
>
> A lot of DNS server providers do not allow to modify the zones on the fly.
> My DNS server provider e.g. uses a hidden primary DNS for security reasons.
> Changing zones is only possible manually via the
On Fri, Jul 7, 2017 at 9:33 AM, Hugo Landau wrote:
> >On Thu, Jul 6, 2017 at 11:57 AM, Salz, Rich <[1]rs...@akamai.com>
> wrote:
> >
> > So let's see. Can we live with this?
> >
> > Create a spec-required registry for validation method names.
> >
> >I
On Wed, Jul 5, 2017 at 6:03 PM, Jacob Hoffman-Andrews wrote:
> On 06/30/2017 09:54 AM, Dunning, John wrote:
>
> Based on your description below, I think door A makes more sense to me.
> My paraphrase of it is that key authorizations get bound at creation time,
> and thus get