Re: [Acme] Proposal for http challenge: Lookup SRV records before A/AAAA records

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 10 February 2016 14:35 UTC

To: Eric Rescorla <ekr@rtfm.com>, "Salz, Rich" <rsalz@akamai.com>, Michael Wyraz <michael@wyraz.de>
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/Zsc9X01IoOQ_SQ8dZU2Xts5vFwU>
Cc: IETF ACME <acme@ietf.org>

Seems to me that we should specify a set of use cases, reduce them to requirements and then make sure we have at least one mechanism that covers each use case. 
It is not necessary for every use case to be covered by every mechanism. In fact that is the point of having multiple mechanisms.

On Wed, Feb 10, 2016 at 6:27 AM -0800, "Salz, Rich" <rsalz@akamai.com> wrote:

> This doesn't seem like a great idea. ACME should largely behave the same way
> that Web clients do. If you want to muck with DNS just use the DNS challenges.

As an individual, not co-chair, I strongly agree with this.