On 02/13/2017 12:20 PM, Russ Housley wrote:
> I do not think it is a risk with the authorizations that have been
> defined. I was wondering about a situation where a client make a
> mistake. If a client tries to fulfill one of the authorizations and
> for some reason is unable to do so completely,
> In the WGLC thread, Russ asked:
>
>> In Section 6.5, should the example use different challenges for "http-01",
>> "tls-sni-02", and "dns-01"?
> (https://ietf-wg-acme.github.io/acme/#rfc.section.6.5)
>
> I assume you meant "token" here, and no, I think the token can be the same
> across
In the WGLC thread, Russ asked:
> In Section 6.5, should the example use different challenges for "http-01",
> "tls-sni-02", and "dns-01"?
(https://ietf-wg-acme.github.io/acme/#rfc.section.6.5)
I assume you meant "token" here, and no, I think the token can be the same
across multiple