> On 15 Jan 2017, at 15:03, Ilari Liusvaara <ilariliusva...@welho.com> wrote:
>
> On Sun, Jan 15, 2017 at 02:50:37PM +0100, Dirk-Willem van Gulik wrote:
>> ….
>
> That's not a new version. It is pre-WG version, published about 1.5
> years ago.

Ok - so I’ll ignore git - and will take the IETF latest as leading.

> The reason HTTPS support for HTTP authentication was removed was that
> many webservers handle HTTPS in an odd manner, making the alphabetically
> first HTTPS vhost the default, which would let one get certificates
> for vhosts one should not.

Ok.

> Currently in the ACME spec, the only ways to do verification without port
> 80 are TLS-SNI-02 (uses port 443) and DNS-01 (no connections at all,
> relies on DNS exclusively).

Ok - and is there any reason why allowing one to specify the port would not be
an option/bad idea?

I am looking at the typical old-school Unix case - i.e. Apache - where one
starts up as root and quickly chroots/setuid()s - and where the servers are
commonly deployed on port > 1024 by end users.

Thanks,
Dw.
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
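
The default-vhost behaviour described in the quoted reply, as an added example that is not part of the original messages: a small audit a shared-host operator could run over a vhost list to find names whose HTTPS requests would be answered by another tenant's vhost. The hostnames, owners and the `VHost` structure are constructed, and the selection rule is a simplified model of what the message describes (exact name match on the port, otherwise the alphabetically first vhost on that port).

```python
from collections import namedtuple

# Constructed sample config: hypothetical tenants on one shared server.
VHost = namedtuple("VHost", "server_name port owner")
VHOSTS = [
    VHost("alice.example", 80, "alice"),
    VHost("alice.example", 443, "alice"),
    VHost("bob.example", 80, "bob"),      # bob serves plain HTTP only
    VHost("carol.example", 80, "carol"),
    VHost("carol.example", 443, "carol"),
]


def select_vhost(vhosts, host, port):
    """Simplified model (assumption): exact name match on the port,
    else the alphabetically first vhost on that port acts as default."""
    on_port = sorted((v for v in vhosts if v.port == port),
                     key=lambda v: v.server_name)
    for v in on_port:
        if v.server_name == host:
            return v
    return on_port[0] if on_port else None


def fallthrough_names(vhosts, port=443):
    """Map each hostname to the owner of the vhost that would answer it on
    `port`, keeping only names answered by a different owner's vhost."""
    owners = {v.server_name: v.owner for v in vhosts}
    risky = {}
    for name, owner in sorted(owners.items()):
        answering = select_vhost(vhosts, name, port)
        if answering is not None and answering.owner != owner:
            risky[name] = answering.owner
    return risky


if __name__ == "__main__":
    for name, other in fallthrough_names(VHOSTS).items():
        print(f"{name}: HTTPS requests are answered by {other}'s vhost")
```

Any name this reports is one for which a validation request made over HTTPS would be served from content controlled by someone other than the name's owner, which is the mis-issuance risk the reply gives as the reason for dropping HTTPS from the HTTP challenge.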