Re: [Acme] Mail regarding draft-ietf-acme-tls-alpn

2018-05-25 Thread Ben Sykes
Ah ok. Got it. That's good. On Fri, May 25, 2018 at 11:07 AM Roland Shoemaker wrote: > The validation certificate should only ever be served for requests that > negotiate the acme-tls/1 application protocol, which browsers or equivalent > user software should never do. This allows the server (or

Re: [Acme] AD Review: draft-ietf-acme-acme-12

2018-05-25 Thread Richard Barnes
On Tue, May 15, 2018 at 2:37 AM Ilari Liusvaara wrote: > On Tue, May 15, 2018 at 01:20:14AM +, Richard Barnes wrote: > > [ Adding the mailing list ] > > > > > S 6.6. > > > > | serverInternal | The server experienced

Re: [Acme] AD Review: draft-ietf-acme-acme-12

2018-05-25 Thread Ryan Sleevi
On Fri, May 25, 2018 at 12:08 PM, Eric Rescorla wrote: > > > > IMPORTANT > > > S 6.2. > > > > algorithm in its "alg" field > > > > > > > > o The JWS Payload MUST NOT be detached > > > > o The JWS Protected Header MUST include the following fields: > > > > > > > > * "al

Re: [Acme] Mail regarding draft-ietf-acme-tls-alpn

2018-05-25 Thread Roland Shoemaker
The validation certificate should only ever be served for requests that negotiate the acme-tls/1 application protocol, which browsers or equivalent user software should never do. This allows the server (or load balancer) to continue serving normal traffic to users while also serving validation t
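The mechanism Roland describes, as an added example that is not part of this thread or of any ACME implementation discussed in it: a Go TLS server whose GetCertificate hook hands out the self-signed validation certificate only to a client that offers the acme-tls/1 ALPN protocol, while a browser that offers h2/http/1.1 keeps getting the production certificate during the whole challenge. It also shows the check the CA's validator performs on the leaf it receives. The protocol identifier "acme-tls/1" and the acmeIdentifier extension OID 1.3.6.1.5.5.7.1.31 are the ones from RFC 8737, the published form of this draft; the draft text under discussion in May 2018 may have used different values. The host name example.com and the key authorization "sample-token.sample-thumbprint" are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Identifiers from RFC 8737 (assumption: the 2018 draft may have used different ones).
const acmeTLSALPN = "acme-tls/1"

var idPeACMEIdentifier = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31}

const sampleKeyAuthz = "sample-token.sample-thumbprint" // constructed, not a real key authorization

// selfSigned builds a short-lived self-signed certificate for name. A non-empty
// keyAuthz adds the critical acmeIdentifier extension carrying SHA-256(keyAuthz)
// as a DER OCTET STRING, which is what turns it into a TLS-ALPN-01 validation cert.
func selfSigned(name, keyAuthz string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name}, // the validated identifier must be in the SAN list
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if keyAuthz != "" {
		digest := sha256.Sum256([]byte(keyAuthz))
		val, err := asn1.Marshal(digest[:]) // []byte marshals as an OCTET STRING
		if err != nil {
			return tls.Certificate{}, err
		}
		tmpl.ExtraExtensions = []pkix.Extension{{Id: idPeACMEIdentifier, Critical: true, Value: val}}
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// Selector is the GetCertificate hook. Only a client that offers acme-tls/1 for a
// name with a pending challenge gets the validation cert; everyone else (browsers
// never offer acme-tls/1) gets the production cert, so user traffic is unaffected.
type Selector struct {
	Production tls.Certificate
	Pending    map[string]tls.Certificate // SNI name -> validation cert
}

func (s *Selector) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	offersACME := false
	for _, p := range hello.SupportedProtos {
		offersACME = offersACME || p == acmeTLSALPN
	}
	if !offersACME {
		return &s.Production, nil
	}
	if c, ok := s.Pending[hello.ServerName]; ok {
		return &c, nil
	}
	// acme-tls/1 is only useful for validation, so refuse rather than fall back.
	return nil, fmt.Errorf("acme-tls/1 offered but no pending validation for %q", hello.ServerName)
}

func clientHello(name string, protos ...string) *tls.ClientHelloInfo {
	return &tls.ClientHelloInfo{ServerName: name, SupportedProtos: protos}
}

func sameCert(a, b *tls.Certificate) bool { return bytes.Equal(a.Certificate[0], b.Certificate[0]) }

// checkValidationCert is the CA validator's side: the name must match the SAN list
// and the critical acmeIdentifier extension must hold exactly SHA-256(keyAuthz).
func checkValidationCert(leaf *x509.Certificate, name, keyAuthz string) error {
	if leaf == nil {
		return errors.New("no leaf certificate")
	}
	if err := leaf.VerifyHostname(name); err != nil {
		return err
	}
	want := sha256.Sum256([]byte(keyAuthz))
	for _, ext := range leaf.Extensions {
		if !ext.Id.Equal(idPeACMEIdentifier) {
			continue
		}
		if !ext.Critical {
			return errors.New("acmeIdentifier extension is not critical")
		}
		var got []byte
		if rest, err := asn1.Unmarshal(ext.Value, &got); err != nil || len(rest) != 0 {
			return errors.New("malformed acmeIdentifier extension")
		}
		if !bytes.Equal(got, want[:]) {
			return errors.New("key authorization digest mismatch")
		}
		return nil
	}
	return errors.New("acmeIdentifier extension missing")
}

// handshake runs one in-memory TLS handshake between a client offering protos and
// a server using sel; it returns the negotiated ALPN protocol and the leaf served.
func handshake(sel *Selector, serverName string, protos []string) (string, *x509.Certificate, error) {
	srvCfg := &tls.Config{
		GetCertificate:         sel.GetCertificate,
		NextProtos:             []string{acmeTLSALPN, "h2", "http/1.1"},
		SessionTicketsDisabled: true, // no post-handshake writes on the synchronous pipe
	}
	cliCfg := &tls.Config{ServerName: serverName, NextProtos: protos, InsecureSkipVerify: true} // self-signed by design
	cConn, sConn := net.Pipe()
	defer cConn.Close()
	defer sConn.Close()
	srvErr := make(chan error, 1)
	go func() { srvErr <- tls.Server(sConn, srvCfg).Handshake() }()
	cli := tls.Client(cConn, cliCfg)
	if err := cli.Handshake(); err != nil {
		return "", nil, err
	}
	select {
	case err := <-srvErr:
		if err != nil {
			return "", nil, err
		}
	case <-time.After(5 * time.Second):
		return "", nil, errors.New("server handshake did not complete")
	}
	cs := cli.ConnectionState()
	return cs.NegotiatedProtocol, cs.PeerCertificates[0], nil
}

func main() {
	prod, _ := selfSigned("example.com", "")
	val, _ := selfSigned("example.com", sampleKeyAuthz)
	sel := &Selector{Production: prod, Pending: map[string]tls.Certificate{"example.com": val}}
	for _, protos := range [][]string{{acmeTLSALPN}, {"h2", "http/1.1"}} {
		proto, leaf, err := handshake(sel, "example.com", protos)
		fmt.Printf("client offered %v: negotiated %q, validator says: %v (handshake err: %v)\n",
			protos, proto, checkValidationCert(leaf, "example.com", sampleKeyAuthz), err)
	}
}
```

Two practical notes. First, the server's NextProtos must list acme-tls/1 or Go will never negotiate it, and a client that offers only acme-tls/1 will fail the handshake; second, x509.ParseCertificate keeps the unknown critical extension in UnhandledCriticalExtensions rather than rejecting the cert, so a CA-side validator can inspect the leaf directly as above, but a chain Verify on such a cert would fail, which is the intended property of a validation cert that browsers must never accept.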

Re: [Acme] Mail regarding draft-ietf-acme-tls-alpn

2018-05-25 Thread Ilari Liusvaara
On Fri, May 25, 2018 at 08:09:01AM -0700, Ben Sykes wrote: > Hi there, > > Having read through the draft spec, I have a concern over certificate > renewals. > As I read it, the server would have to temporarily use a customized > self-signed certificate while the check is pending. Won't this mean a

Re: [Acme] Mail regarding draft-ietf-acme-tls-alpn

2018-05-25 Thread Salz, Rich
* As I read it, the server would have to temporarily use a customized self-signed certificate while the check is pending. If you renew before the current cert expires, that’s not an issue, right?

[Acme] Mail regarding draft-ietf-acme-tls-alpn

2018-05-25 Thread Ben Sykes
Hi there, Having read through the draft spec, I have a concern over certificate renewals. As I read it, the server would have to temporarily use a customized self-signed certificate while the check is pending. Won't this mean any regular user connecting to that server over TLS at the time be prese