> I must admit that I'm not very familiar with DANE.
>
> What would be a typical use case where you use ACME but you don't
> already know the root cert?

Where DANE is used, a trust anchor is referenced by a hash of its public key or certificate, which is placed in a DNSSEC-secured DNS record. This trust anchor isn't necessarily one already known to the client connecting to a TLS server, since the whole idea is that DANE/DNSSEC is the real trust anchor and whatever CA is used for the TLS server certificate is trusted by virtue of being referenced by hash.
Because of this, where DANE is used, the trust anchor must be served by the TLS server in the certificate chain. This is a waste of bandwidth but otherwise harmless where DANE is not used, but is critical when supporting DANE. An ACME setup shouldn't be expected to know the root certificate because it may change over time. For example, currently Let's Encrypt serves certificates using the IdenTrust cross-signed intermediates. It could at some point switch to using its own ISRG root, once it has sufficient prevalence in trust stores; if an ACME setup makes assumptions about what root an ACME server issues using, breakage would result when this happens. Moreover root certificates do have an eventual expiry date and need to be swapped out. (Or acquired CAs could desire to switch to a new root without breaking servers, or so on, and so forth.)
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
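The DANE-TA check described in the reply above (a trust anchor referenced by a hash in a DNS record, so the server has to include that anchor in the chain it serves), as an added example that is not part of this thread or of any ACME implementation. It is standard-library Go; the record layout follows RFC 6698 (usage 2 = trust anchor assertion, selector 1 = SubjectPublicKeyInfo, matching type 1 = SHA-256), and the throwaway CA, the host name mail.example.test and the TLSA owner name are constructed demo values. DNSSEC validation of the record is assumed to have already happened and is not shown.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// TLSA holds an RFC 6698 record; DANE-TA is "2 1 1 <sha256 of SubjectPublicKeyInfo>".
type TLSA struct {
	Usage, Selector, MatchingType uint8
	Data                          []byte
}

// spkiSHA256 hashes the DER SubjectPublicKeyInfo, which is all a "1 1" record commits to.
func spkiSHA256(c *x509.Certificate) []byte {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return sum[:]
}

// DANETARecord builds the record an operator would publish for a trust anchor.
func DANETARecord(anchor *x509.Certificate) TLSA {
	return TLSA{Usage: 2, Selector: 1, MatchingType: 1, Data: spkiSHA256(anchor)}
}

// VerifyDANETA applies the DANE-TA rule to the chain the server actually sent: some
// served certificate must match the record and the leaf (served[0]) must chain to it.
// The client's own trust store is deliberately never consulted.
func VerifyDANETA(rec TLSA, served []*x509.Certificate, host string) error {
	if len(served) == 0 || rec.Usage != 2 || rec.Selector != 1 || rec.MatchingType != 1 {
		return fmt.Errorf("need a non-empty chain and a 2 1 1 record, got %d %d %d", rec.Usage, rec.Selector, rec.MatchingType)
	}
	var anchor *x509.Certificate
	for _, c := range served {
		if bytes.Equal(spkiSHA256(c), rec.Data) {
			anchor = c
			break
		}
	}
	if anchor == nil { // the failure the post warns about: anchor omitted from the served chain
		return fmt.Errorf("no certificate in the served chain matches the TLSA record (trust anchor not sent)")
	}
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(anchor)
	for _, c := range served[1:] {
		inter.AddCert(c)
	}
	_, err := served[0].Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter, DNSName: host})
	return err
}

// mintCert generates a P-256 key for tmpl and signs it with signer (nil = self-signed); demo data only.
func mintCert(tmpl, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	if signer == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c, key
}

// BuildDemoChain mints an in-memory self-signed trust anchor and a leaf for host (constructed data, not a real CA).
func BuildDemoChain(host string) (anchor, leaf *x509.Certificate) {
	now := time.Now()
	anchor, caKey := mintCert(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo DANE Trust Anchor"},
		NotBefore: now.Add(-time.Minute), NotAfter: now.Add(24 * time.Hour), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}, nil, nil)
	leaf, _ = mintCert(&x509.Certificate{
		SerialNumber: big.NewInt(2), DNSNames: []string{host}, NotBefore: now.Add(-time.Minute), NotAfter: now.Add(24 * time.Hour),
	}, anchor, caKey)
	return anchor, leaf
}

func main() {
	const host = "mail.example.test" // constructed name
	anchor, leaf := BuildDemoChain(host)
	rec := DANETARecord(anchor)
	fmt.Printf("_25._tcp.%s. IN TLSA %d %d %d %x\n", host, rec.Usage, rec.Selector, rec.MatchingType, rec.Data)
	fmt.Println("leaf+anchor served:", VerifyDANETA(rec, []*x509.Certificate{leaf, anchor}, host))
	fmt.Println("leaf only served:  ", VerifyDANETA(rec, []*x509.Certificate{leaf}, host))
}
```

Running it prints the record in zone-file form, then `<nil>` for the chain that includes the anchor and an error for the chain that omits it: the same leaf, signed by the same CA, is only verifiable under DANE-TA when the server ships the anchor itself, which is why an ACME client should send the full chain the CA hands it rather than assuming which root is in play.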
