On 07/17/2017 10:48 PM, Martin Thomson wrote: > The biggest concern I have is the text regarding certificate lifetime > and the handling of the possibility that IP addresses are dynamically > allocated. This seems a little weak and it leaves a lot to the CA to > manage. Is there anything that can be done to gain a stronger > assertion that the allocation is (more) persistent? An affirmation > from someone higher in the tree perhaps? I think ultimately this is a policy question and outside the scope of ACME (except for pointing out that it's worth thinking about). If we want a mechanism for owners of IP space to express the policy they'd like CAs to apply to that space, it should probably look something like CAA.
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme