> My request for the ACME would be: If I can prove I own the top level domain, > I should also be allowed to issue certs for any subdomain without need for > verification of those.
Speaking as an individual, not co-chair. As a counter-example, if I own wordpress.net should I be able to get a cert for every single sub-domain? Or github.io? Or places like the government where sub-domains are probably separate organizations? And then how do you ensure that the right sub-domain owner gets the certificate and key? I am against this change. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
