The biggest concern I have is the text regarding certificate lifetime
and the handling of the possibility that IP addresses are dynamically
allocated. This seems a little weak and it leaves a lot to the CA to
manage. Is there anything that can be done to gain a stronger
assertion that the
This looks good! Nice work.
On 07/16/2017 04:29 PM, Roland Bracewell Shoemaker wrote:
> There was some previous discussion about possibly using a slightly
> simpler DNS based verification method on the list last time I posted
> this as an individual submission. After reading through the CABF BRs
> We need a Jabber scribe and a note taker. Please volunteer.
There will be gifts.
___
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
On Sun, Jul 16, 2017 at 11:10:35PM -0700, Roland Bracewell Shoemaker wrote:
> On 07/16/2017 10:14 PM, Ilari Liusvaara wrote:
> > On Sun, Jul 16, 2017 at 04:29:20PM -0700, Roland Bracewell Shoemaker wrote:
>
> The most recent proposed language clarifies that any method which looks
> up a DNS name
On 07/16/2017 10:14 PM, Ilari Liusvaara wrote:
> On Sun, Jul 16, 2017 at 04:29:20PM -0700, Roland Bracewell Shoemaker wrote:
>> There was some previous discussion about possibly using a slightly
>> simpler DNS based verification method on the list last time I posted
>> this as an individual