On Wed, Jun 20, 2018 at 4:47 PM, Roland Shoemaker
wrote:
> As previously discussed on the list the two property names defined in
> draft-ietf-acme-caa, "validation-methods” and "account-uri”, do not conform
> to the ABNF syntax in RFC 6844 as they contain hyphens. 6844-bis fixes this
> by expandi
As previously discussed on the list the two property names defined in
draft-ietf-acme-caa, "validation-methods” and "account-uri”, do not conform to
the ABNF syntax in RFC 6844 as they contain hyphens. 6844-bis fixes this by
expanding the ABNF to be less restrictive but for now this doesn’t real
On Wed, Jun 20, 2018 at 5:34 AM, Ilari Liusvaara
wrote:
>
> My understanding was that catastrophic problem was not the default-
> vhost behavior of Apache or Nginx, altough that could casue security
> issues. But instead, the problem was that many hosting provoders let
> one claim arbitrary hostn
On Tue, Jun 19, 2018 at 08:30:32PM -0400, Felipe Gasper wrote:
> Having read over the history of TLS-SNI as reported in the draft
> spec, I feel like it might be prudent to mention that a
> significant part of the failure of TLS-SNI was Apache httpd and
> its (nonsensical, IMO) behavior of sending