Hi,

On Friday, September 11, 2020 3:17 PM, Felipe Gasper <fel...@felipegasper.com> wrote:

> > On Sep 11, 2020, at 9:08 AM, Simon Ser cont...@emersion.fr wrote:
> > For instance, it would be possible to require users to add a short public
> > key in a DNS TXT record, then ask the ACME client to sign challenges with
> > that key. Something like this would significantly ease the development of
> > ACME clients.
>
> This would seem to introduce a new vector--key compromise--for being
> able to impersonate the domain, wouldn’t it?
>
> Such an authz method would be proving not access to the domain
> itself, but access to the key, and would be vulnerable to local
> misconfigurations. It seems thus not dissimilar to the erstwhile
> problem with tls-sni-01/02.

Right now ACME clients need vendor-specific authorizations, like API
tokens. If the DNS registry operator's token is leaked, much worse
things can happen than just being able to issue wildcard certificates
(since the token provides write access to DNS records).

Thanks,

Simon
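The TXT-record key scheme sketched in the thread, as an added illustration that is not code from the thread or from any ACME implementation: the owner name `_acme-key.<domain>`, the `v=acmekey1; k=` record syntax and the map standing in for DNS are assumptions made here, and the signed message binds the domain to the CA-issued token so a signature obtained for one name cannot be reused for another.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"strings"
)

// txtRecords stands in for DNS (owner name -> TXT values); constructed sample data, not a real zone.
var txtRecords = map[string][]string{}
const keyPrefix = "v=acmekey1; k=" // record syntax is an assumption made for this example

// PublishKey installs the domain's Ed25519 public key under _acme-key.<domain>.
func PublishKey(domain string, pub ed25519.PublicKey) {
	txtRecords["_acme-key."+domain] = []string{keyPrefix + base64.StdEncoding.EncodeToString(pub)}
}

// lookupKey parses the record; ok is false when it is missing or malformed.
func lookupKey(domain string) (pub ed25519.PublicKey, ok bool) {
	for _, rr := range txtRecords["_acme-key."+domain] {
		if !strings.HasPrefix(rr, keyPrefix) {
			continue // unrelated TXT record at the same name
		}
		raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(rr, keyPrefix))
		if err != nil || len(raw) != ed25519.PublicKeySize {
			return nil, false // malformed key: fail closed
		}
		return ed25519.PublicKey(raw), true
	}
	return nil, false
}

// SignChallenge (client side) signs domain and token together, so one signature cannot validate another name.
func SignChallenge(priv ed25519.PrivateKey, domain, token string) []byte {
	return ed25519.Sign(priv, []byte(domain+"\x00"+token))
}

// VerifyChallenge (CA side) fetches the key from DNS and checks the signature.
func VerifyChallenge(domain, token string, sig []byte) bool {
	pub, ok := lookupKey(domain)
	return ok && ed25519.Verify(pub, []byte(domain+"\x00"+token), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	PublishKey("example.com", pub)
	fmt.Println("valid:", VerifyChallenge("example.com", "tok", SignChallenge(priv, "example.com", "tok")))
}
```

Note that the CA only ever sees the public key, which is the point of the comparison with API tokens: a leaked signing key lets someone pass this one challenge, while a leaked DNS API token lets them rewrite the zone.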

_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
