The problem with using POST-as-GET for certificate resources, as Felipe I think pointed out, is that the thing that downloads the certificate URL is often not an ACME player, doesn't have an account, etc. It's a web server or something. (cf. the STAR drafts.) What I'm saying is that it's painful to make them integrate with ACME and we don't get any benefit.
On Fri, Aug 31, 2018 at 10:20 AM Salz, Rich <rs...@akamai.com> wrote: > > - - If a server is concerned about the privacy of certificate > resources, then they SHOULD assign them capability URLs. > > > > Not a fan of capability URL’s; does get/post handle things well enough? >
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme