> On 23 Apr 2015, at 06:18, Richard Barnes <[email protected]> wrote:
> 
> 
> 
> On Thu, Apr 23, 2015 at 12:09 AM, Martin Thomson <[email protected]> wrote:
> On 22 April 2015 at 19:33, Peter Eckersley <[email protected]> wrote:
> > Perhaps those policies can be stored out of band, or perhaps we can add
> > a separate REST API endpoint where clients ask what ports the server
> > considers acceptable for DV Challenges.
> 
> 
> Or just pick port 100 (or another that isn't already taken) and say
> 443 or _that_.  I can't imagine you would need to have many numbers
> before you found one that was free.
> 
> This seems like a simpler and safer option to me.  Register an ACME port and 
> use that if HTTPS isn't feasible.
> 
> Bruce, would that meet your use case?  That is, in your scenario, can the 
> CalDAV service open a new (privileged) port, or does the ACME verification 
> have to happen on the CalDAV port?
> 

Any port that is currently unused on the client is fine with me.  (CalDAV was 
just an example.)

Bruce
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
