Re: [Acme] Issue: Allow ports other than 443
Randy Bush <randy@psg.com> Tue, 24 November 2015 07:40 UTC
Return-Path: <randy@psg.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B3471A0334 for <acme@ietfa.amsl.com>; Mon, 23 Nov 2015 23:40:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.485
X-Spam-Level:
X-Spam-Status: No, score=-2.485 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.585] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Ib6r4wWMFhC for <acme@ietfa.amsl.com>; Mon, 23 Nov 2015 23:40:37 -0800 (PST)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A2491A0335 for <acme@ietf.org>; Mon, 23 Nov 2015 23:40:37 -0800 (PST)
Received: from localhost ([127.0.0.1] helo=ryuu.psg.com) by ran.psg.com with esmtp (Exim 4.82) (envelope-from <randy@psg.com>) id 1a18DJ-00026M-Vg; Tue, 24 Nov 2015 07:40:34 +0000
Date: Tue, 24 Nov 2015 08:40:32 +0100
Message-ID: <m2fuzvq1zj.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Martin Thomson <martin.thomson@gmail.com>
In-Reply-To: <CABkgnnVgU3sFcMnk=emADi9x7OR2bypGKqn4QBZuBuFC9sOHyg@mail.gmail.com>
References: <5e9b22a3942d4a39981878b13e4a7752@usma1ex-dag1mb1.msg.corp.akamai.com> <0630035C-E4F6-41AA-A339-7101B448F0FA@vigilsec.com> <m2si3wozrh.wl%randy@psg.com> <CABkgnnVgU3sFcMnk=emADi9x7OR2bypGKqn4QBZuBuFC9sOHyg@mail.gmail.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/y75JLcgTMYn-yxgHCz85YqL-Rhg>
Cc: IETF ACME <acme@ietf.org>
Subject: Re: [Acme] Issue: Allow ports other than 443
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Nov 2015 07:40:38 -0000
>> which is easier, going through kink on 443 or getting the IT security >> team to punch a hole for <iana-assigned-acme>? > Would it help if you could choose the option that sucked least for > your particular situation? That was what I was thinking. yes, it would help i admit to thinking of it as turning off a magic feature that wants to get you in trouble with IT security. we're talking about the kind of folk who scan all internal address space and whack you if you have an ssh port that allows password based access (i actually appreciate this one). randy
- [Acme] Issue: Allow ports other than 443 Salz, Rich
- Re: [Acme] Issue: Allow ports other than 443 Russ Housley
- Re: [Acme] Issue: Allow ports other than 443 Martin Thomson
- Re: [Acme] Issue: Allow ports other than 443 Douglas Calvert
- Re: [Acme] Issue: Allow ports other than 443 Martin Thomson
- Re: [Acme] Issue: Allow ports other than 443 Randy Bush
- Re: [Acme] Issue: Allow ports other than 443 Peter Eckersley
- Re: [Acme] Issue: Allow ports other than 443 Martin Thomson
- Re: [Acme] Issue: Allow ports other than 443 Randy Bush
- Re: [Acme] Issue: Allow ports other than 443 Hugo Landau
- Re: [Acme] Issue: Allow ports other than 443 Eliot Lear
- Re: [Acme] Issue: Allow ports other than 443 Randy Bush
- Re: [Acme] Issue: Allow ports other than 443 Kathleen Moriarty
- Re: [Acme] Issue: Allow ports other than 443 Yoav Nir
- Re: [Acme] Issue: Allow ports other than 443 Eliot Lear
- Re: [Acme] Issue: Allow ports other than 443 Niklas Keller
- Re: [Acme] Issue: Allow ports other than 443 Eliot Lear
- Re: [Acme] Issue: Allow ports other than 443 Niklas Keller
- Re: [Acme] Issue: Allow ports other than 443 Martin Thomson
- Re: [Acme] Issue: Allow ports other than 443 Peter Eckersley
- Re: [Acme] Issue: Allow ports other than 443 Phillip Hallam-Baker
- Re: [Acme] Issue: Allow ports other than 443 Eliot Lear
- Re: [Acme] Issue: Allow ports other than 443 Stephen Farrell
- Re: [Acme] Issue: Allow ports other than 443 Yoav Nir
- Re: [Acme] Issue: Allow ports other than 443 Stephen Farrell
- Re: [Acme] Issue: Allow ports other than 443 Rob Stradling
- Re: [Acme] Issue: Allow ports other than 443 Yoav Nir
- Re: [Acme] Issue: Allow ports other than 443 Darren J Moffat
- Re: [Acme] Issue: Allow ports other than 443 Eliot Lear