Hi there, Having read through the draft spec, I have a concern over certificate renewals. As I read it, the server would have to temporarily use a customized self-signed certificate while the check is pending. Won't this mean any regular user connecting to that server over TLS at the time be presented with the self-signed certificate? This would manifest as downtime for the service. Is there a provision for renewal using this method?
Thanks, Ben
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme