On Thu, Jan 11, 2024 at 7:15 PM Amir Omidi wrote:
> There is nothing blocking .dev domains responding over http. To be
> specific, a TLD can not block a protocol like that.
>
Right, but one should not expect to get a redirect response. The server
shouldn't answer (many of them do, which is a
There is nothing blocking .dev domains responding over http. To be
specific, a TLD can not block a protocol like that.
Amir Omidi (he/them)
On Thu, Jan 11, 2024 at 22:13 Rob Sayre wrote:
> It sounds like that's a bug or at least a discrepancy.
>
> .dev domains should never respond over HTTP.
It sounds like that's a bug or at least a discrepancy.
.dev domains should never respond over HTTP. The whole point is to avoid
that initial request.
thanks,
Rob
On Thu, Jan 11, 2024 at 7:10 PM Aaron Gable wrote:
> This erratum changed "completed" to "initiated", so the document now
>
This erratum changed "completed" to "initiated", so the document now
correctly allows redirects from HTTP to HTTPS. If you believe that
challenges should be able to be initiated over HTTPS as well, this erratum
is not the right place for that discussion.
But perhaps more importantly, ACME Servers
CA ignores HSTS: they aren't browsers, likewise they ignore certificate
staudes of https page walie validating too.
2024-01-12 오후 12:02에 Rob Sayre 이(가) 쓴 글:
Hi,
Is this one valid?
https://www.rfc-editor.org/errata/eid6843
> the challenge must be initiated over HTTP, not HTTPS.
What if the
Hi,
Is this one valid?
https://www.rfc-editor.org/errata/eid6843
> the challenge must be initiated over HTTP, not HTTPS.
What if the host is on a .dev domain? That should be in the HSTS preload
list.
thanks,
Rob
___
Acme mailing list
Acme@ietf.org
The following errata report has been held for document update
for RFC8555, "Automatic Certificate Management Environment (ACME)".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6317
--
Internet-Draft draft-ietf-acme-dtnnodeid-12.txt is now available. It is a work
item of the Automated Certificate Management Environment (ACME) WG of the
IETF.
Title: Automated Certificate Management Environment (ACME) Delay-Tolerant
Networking (DTN) Node ID Validation Extension
Author:
The following errata report has been held for document update
for RFC8555, "Automatic Certificate Management Environment (ACME)".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6843
--