On Wed, Sep 1, 2021 at 7:45 PM Michael Richardson <mcr+i...@sandelman.ca> wrote:
> This seems to make the ACME server keep a bunch of state itself (across
> multiple HTTPS/TLS connections), while I suspect that most of us would like
> the client to be responsible for keeping that authorization around.
>
> Would you agree with this?

I'm not sure I understand this. Isn't it already the case today that ACME servers necessarily need to track this state? It's unclear if you're talking about an abstract goal, which the current specifications may not achieve, certainly not in terms of those widely deployed, or if you believe there's a concrete deployment today that is able to achieve this "stateless" design, that the wildcard work would be applicable to, and which would be unduly burdened by this. Certainly, for some of the other use cases (e.g. OV and EV using ACME), this is unquestionably true that state is managed on the server.
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme