On 1/1/23 2:22 PM, Michael Richardson wrote:
I'm not entirely sure why I would want to delegate the domain validation to more than one entity. That seems like a source of insecurity.
Right. But the use case motivating this, to clorify, multi-CDN deployments. I agree that the document could be clearer about this - the underlying problem can be a little difficult to wrap your head around. This isn't the only way to solve the problem (currently empty server responses could be leveraged, for example, or some appalling DNS goo) but this proposal is straightforward and reasonable, and there is a need in CDN-land for something that allows multiple domain control validators. So, I'd like to see something published and I think this document is a good place to start. Melinda -- Melinda Shore [email protected] Software longa, hardware brevis _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
