Request for well-known URI: acme-challenge

Roland Shoemaker <> Tue, 16 August 2016 20:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 62279126D74 for <>; Tue, 16 Aug 2016 13:18:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7rCTARc3bhv8 for <>; Tue, 16 Aug 2016 13:18:07 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c00::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9BA30128E19 for <>; Tue, 16 Aug 2016 13:18:07 -0700 (PDT)
Received: by with SMTP id h186so30664798pfg.3 for <>; Tue, 16 Aug 2016 13:18:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=9jNKB1y51k+uVIOn1SpuXVPwreBS3r/1ToI34EaKgU0=; b=P0G7N8xVFlRv7YGi10XfetaTmIhSkHpuo4oDIiziDs7PQtgGeNAbFoGAzwdSKRAAb8 oz2Ghw0LX1EjW+A2BuWBI7JtPV51Fs8uBzAW9clX9Y6RxpTTUMkx15gUM6byo3k/Hi5K kOKbv83xnx9jq5KABgGbTrMsedntpE/yYLW3Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=9jNKB1y51k+uVIOn1SpuXVPwreBS3r/1ToI34EaKgU0=; b=hKeo08S4jDwRsVC4e0t2XHXr20yG2XUyo6/sb72LAyKaTF68kH6f7N4C7ZlgmYRaNa h50QT3LjPvnhzOZl92CmDZIN89zNVeJwL3DBsojk2wNMUxxphLXCTnots6vxs2i+DNxl MtSINO8di/pdtZhmCiuJxk5L8ye+lHUqtxxvESbvtunNdEpBxYAUqyAN0Y5Mz8rZNojq TcalhMK/83F3prQZL5vea4KloCvpAGJ7Ge/WEmrSXkyX8/YxcHrwYBekpzzwzqfXW8Dl kf4RSkGtLxtE1RzxadPW99kJJrBARjS9ycSG5UGR3jxn3bcxZ6RXBMACTsYallYp8SNN Qp3A==
X-Gm-Message-State: AEkooutAHAn8IIAg3PYUCXOUK5HbXcyEI24LNTDNTRYpAIqNQ5NDRmYq//ATE61hAbmzg1KI
X-Received: by with SMTP id m10mr67711883pfj.146.1471378686776; Tue, 16 Aug 2016 13:18:06 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id xv9sm41479522pab.36.2016. for <> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Aug 2016 13:18:05 -0700 (PDT)
From: Roland Shoemaker <>
Subject: Request for well-known URI: acme-challenge
Message-ID: <>
Date: Tue, 16 Aug 2016 13:18:03 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Well-Known URI review list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 16 Aug 2016 20:18:09 -0000

Hey all,

The ACME draft RFC specifies a new well known URI
'/.well-known/acme-challenge' which is used for domain control
validation [0]. This URI is currently used extensively in production by
Let's Encrypt's server implementation.

Recently the CABF has introduced specific rules around the use of IANA
registered paths for validation [1] which mean we can no longer wait
until the publication of the ACME specification to register this path.

RFC5785 allows for paths to be registered given their respective
documents are likely to be published. Given the ACME WG is moving
towards entering WGLC would it be possible to register this path ASAP?




Roland Bracewell Shoemaker
Software Engineer
Let's Encrypt / ISRG / Linux Foundation