On 05/30/2017 08:32 AM, Yaron Sheffer wrote:
> - The server only supports HTTPS, and perhaps port 80 is blocked by a
> firewall. This situation applies to many REST endpoints.
This is in general a bad configuration. Leaving port 80 open for the
purposes of redirects is safe, and provides a better first-time user
experience (repeat users may take advantage of an HSTS header, which I
would assume to be present in such a config). And keep in mind that
validation in ACME follows redirects.

> - I am migrating from a non-ACME to an ACME cert, and so the server
> has a perfectly valid HTTPS cert. Or migrating from one ACME CA to a
> different one.
This doesn't make it harder to serve HTTP on port 80.

> - I would like to ensure (using CAA records) that my CA is not subject
> to a DNS cache corruption attack - a threat that the ACME Security
> Considerations specifically mention.
I think this is the most compelling reason to offer HTTPS authorization.
In particular, I think it may make sense as a special requirement for
"high risk" validations. That is, for certain validations, the ACME
server may choose to require validation over HTTPS using a certificate
that validates to a certain set of roots.

However, requiring validation over HTTPS using a valid certificate would
be too onerous for general-purpose certificates, because it would mean
that server operators who lose their account key and all certificate
private keys could not recover and issue a certificate without manual
intervention.

I think HTTPS-with-valid-certificate is an interesting topic for future
implementation, but is complex enough that we shouldn't try to squeeze
it into the current document.
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
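The "port 80 open only for redirects" setup the reply describes, written out as an nginx configuration. This is an added example, not code from the thread or from any ACME project; the hostname, webroot and certificate paths are placeholders. Port 80 answers HTTP-01 challenge requests and sends every other request to HTTPS, where an HSTS header lets repeat visitors skip port 80 on later visits. Because ACME validation follows redirects, the challenge path is also served on 443.

```nginx
# Added example (not from the mailing-list thread). Hostname, webroot and
# certificate paths are placeholders to be replaced for a real deployment.

# Port 80: answer ACME HTTP-01 challenges, redirect everything else.
server {
    listen 80;
    listen [::]:80;
    server_name example.com;

    # Challenge tokens are written here by the ACME client (webroot mode).
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/acme;
        default_type "text/plain";
    }

    # All other traffic goes to HTTPS. A permanent redirect is fine because
    # ACME validation follows redirects.
    location / {
        return 301 https://$host$request_uri;
    }
}

# Port 443: the real site, with HSTS so repeat visitors never use port 80.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com;

    ssl_certificate     /etc/ssl/example.com/fullchain.pem;   # placeholder path
    ssl_certificate_key /etc/ssl/example.com/privkey.pem;     # placeholder path

    # Strict-Transport-Security: browsers that have seen it once go straight
    # to HTTPS, so port 80 only matters for first-time visitors and the CA.
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    # Serve challenges here too, since validation requests that hit port 80
    # are redirected to this server block.
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/acme;
        default_type "text/plain";
    }

    location / {
        root /var/www/html;
        index index.html;
    }
}
```

The CAA record mentioned in the quoted text is independent of the web server and lives in DNS; a record such as `example.com. IN CAA 0 issue "letsencrypt.org"` (hostname and CA placeholder) restricts which CA may issue for the name, so an attacker who can poison a resolver's cache still has to get past the CA's CAA check before any HTTP-01 or HTTPS-based validation even matters.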