On Wed, Jul 6, 2016 at 4:50 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
> Nick Lamb <tialara...@gmail.com> writes: > > >ACME is a protocol intended to become an IETF Standards Track RFC. > > Oh dear God, another one? We've already got CMP, CMC, SCEP, EST, and a > whole > slew of other ones that failed to get as far as RFCs, which all do what > ACME > is trying to do. What's the selling point for ACME? That it blows up in > your > face at the worse possible time? > Read the draft, man. ACME is targeted at a problems that none of those other protocols solve -- most critically, enabling the applicant to demonstrate control of an identifier. That's the reason you have all of these CA proprietary APIs and ACME; these previous efforts failed to solve the problems people actually cared about. --Richard > > Peter. > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
