Re: [Acme] Automated procedure for DNS challenge records?

2017-07-06 Thread Rene 'Renne' Bartsch, B.Sc. Informatics
Am 07.07.2017 um 07:10 schrieb Eliot Lear: Just a caution that configuration for 2138 is not always straight forward and in implementation and deployment sometimes has interactions with other functions. I suggest that someone who really wants to do the standardization here install a version

Re: [Acme] Automated procedure for DNS challenge records?

2017-07-06 Thread Rene 'Renne' Bartsch, B.Sc. Informatics
Am 07.07.2017 um 03:56 schrieb Alan Doherty: At 09:40 06/07/2017 Thursday, Rene 'Renne' Bartsch, B.Sc. Informatics wrote: You think there should be a proprietary plug-in for any combination of DNS-provider <-> ACME-client? not at all (only mentioned plugin as many acme clients use

Re: [Acme] Automated procedure for DNS challenge records?

2017-07-06 Thread Alan Doherty
At 09:40 06/07/2017 Thursday, Rene 'Renne' Bartsch, B.Sc. Informatics wrote: >You think there should be a proprietary plug-in for any combination of >DNS-provider <-> ACME-client? not at all (only mentioned plugin as many acme clients use separately maintained plugins for each/every challenge

Re: [Acme] Consensus -- CAA draft to WGLC?

2017-07-06 Thread Salz, Rich
So let's see. Can we live with this? Create a spec-required registry for validation method names. Do not reference CABF docs. Change the CA sample names from A B to X Y or foo bar or this that or whatever. ___ Acme mailing list Acme@ietf.org

Re: [Acme] Automated procedure for DNS challenge records?

2017-07-06 Thread Patrick Figel
On 7/6/17 10:40 AM, Rene 'Renne' Bartsch, B.Sc. Informatics wrote: > You think there should be a proprietary plug-in for any combination of > DNS-provider <-> ACME-client? The best case would be RFC 2138, but that's not something that can be enforced. > Creating DNS challenges on the fly makes

Re: [Acme] Automated procedure for DNS challenge records?

2017-07-06 Thread Salz, Rich
> You think there should be a proprietary plug-in for any combination of DNS- > provider <-> ACME-client? The question is backwards. Does there have to be an open standard for any DNS provider/ACME client? There is an important distinction. ___ Acme

Re: [Acme] Consensus -- CAA draft to WGLC?

2017-07-06 Thread Martin Thomson
On 6 July 2017 at 20:07, Hugo Landau wrote: > Vendor-assigned identifiers could be supported as such: > vnd:example.com/custom-method RFC 6648 explains why vendor-prefixes can be a bad idea. I think that you should do as Yaron suggested and establish a registry. Set the