[Acme] scope in dns-account-01 and dns-02 challenge

2024-03-18 Thread Jacob Hoffman-Andrews
Thanks, authors, for the updates in https://datatracker.ietf.org/doc/html/draft-ietf-acme-scoped-dns-challenges-00 . Adding a "scope" (host, wildcard, or subdomain) to the DNS record name is great. Reading the draft, I think it doesn't specify how the scope for a given challenge is decided and com

Re: [Acme] scope in dns-account-01 and dns-02 challenge

2024-03-18 Thread Seo Suchan
Would it be illegal for the server to probe both scopes and pass if the intended token is there?
On March 19, 2024 at 8:03:07 AM GMT+09:00, Jacob Hoffman-Andrews wrote:
>Thanks, authors, for the updates in
>https://datatracker.ietf.org/doc/html/draft-ietf-acme-scoped-dns-challenges-00
>.
>
>Adding a "scope" (ho

Re: [Acme] [EXTERNAL] Re: acme-device-attest expired

2024-03-18 Thread Brandon Weeks
My goal for draft-acme-device-attest is to provide a relatively simple method for issuing client certificates using the attestation schemes and formats that exist today. Making "attObj" generic explodes the complexity of implementing the draft. I assume that this document will be supplanted by the

Re: [Acme] scope in dns-account-01 and dns-02 challenge

2024-03-18 Thread Amir Omidi
> I think it doesn't specify how the scope for a given challenge is decided and communicated.
Great point. My intention that I should probably clarify in the draft is that the server picks based on the Authorization object:
- If wildcard: true on the authorization object associated with the