On Sun, Sep 13, 2020 at 5:25 AM Simon Ser <[email protected]> wrote:
> > The question would be whether or not it would get implemented. > > Yes, this is why I'm writing to this mailing list. Maybe I should've CC'ed > some > Let's Encrypt specific mailing list as well. It's certainly possible, but to be clear: any option for implementing a validation method needs to be clear enough that browser/OS vendors will permit it as acceptable. The gating function here is whether product vendors, for their products, find it sufficiently secure, not whether CAs do. CAs can often act as intermediaries, proposing ideas to browser/OS vendors. Ultimately, as (sometimes contracted, always delegated) suppliers, acting on behalf of the browser/OS vendor, your ultimate gate isn't demonstrating whether there's consensus to write an I-D, or consensus with a CA, but that there's consensus with the browser/OS vendors that would implement it within their root programs.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
