I still fail to understand why a 301 redirect to somewhere else doesn't satisfy this? ------------------------------
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <https://find-and-update.company-information.service.gov.uk/company/12417574>, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. Ar Gwen, 17 Ion 2025 am 19:55 Jared Crawford <jmcrawfor...@gmail.com> ysgrifennodd: > I believe this would achieve all of the same benefits as you describe, >> except for "Reduced Exposure". At which point, I think it is reasonable to >> suggest that Applicants use the "dns-01" method if their goal is to get >> certificates for hostnames whose webservers are not publicly exposed. > > > > The dns-01 method does address some of these cases but comes with its own > trade-offs, such as: > > - > > Performance: We see significantly slower and less reliable validations > with dns-01 as compared to http-01. > - > > Non-parallelizable issuance: dns-account-01 somewhat addresses this, > but requires creating / managing multiple accounts. > > > The key distinction is that the HTTP-based delegation retains the > operational simplicity of http-01 for organizations that are already > comfortable using it, while addressing the constraints of environments > where dns-01 performance is problematic. > > > As an alternative, we considered implementing dns-01 with a custom > DNS-speaking server that fronts a challenge database. This addresses the > above concerns without a change to ACME, but introduces additional > complexity and likely isn’t feasible for most consumers. > > > I hope this clarifies the motivation for this proposal. > _______________________________________________ > Acme mailing list -- acme@ietf.org > To unsubscribe send an email to acme-le...@ietf.org >
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
