Re: [Acme] dns-01 challenge limitations

Philipp Junghannß <teamhydro55555@gmail.com> Sun, 13 September 2020 12:10 UTC

From: Philipp Junghannß <teamhydro55555@gmail.com>
Date: Sun, 13 Sep 2020 14:09:45 +0200
Message-ID: <CACHSkNpDu7HBEoPLnuRQtdMeLmBYmpLb+nAFawiLH1TpMgG6aQ@mail.gmail.com>
To: Simon Ser <contact@emersion.fr>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "Matthew.Holt@gmail.com" <Matthew.Holt@gmail.com>, "acme@ietf.org" <acme@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/KR7qx-E550OHyprH6CfBnJPV-64>
List-Id: Automated Certificate Management Environment <acme.ietf.org>

Simon Ser said:

> > Are there specific reasons why dns-01 requires updating a DNS record?
> >
> > Yes, because it proves you control the zone.
> Right, but there could be other ways to prove this as well.


Care to share? What other methods are there to prove that you have access
to the DNS zone RIGHT NOW?