[Servercert-wg] Discussion Period Begins on Ballot SC43: Clarify Acceptable Status Codes
sleevi at google.com
Fri Mar 12 18:13:36 UTC 2021
On Fri, Mar 12, 2021 at 1:11 PM Dimitris Zacharopoulos (HARICA) <
dzacharo at harica.gr> wrote:
> On 12/3/2021 6:47 μ.μ., Ryan Sleevi wrote:
> Given the length of discussion here, are you aware of systems not yet
> conforming? Perhaps you can speak about what concrete (rather than
> abstract) difficulties there would be?
> That's not to say an effective date is a forgone conclusion, but I think
> as a Forum, we're much more productive when members with concrete concerns
> bring them forward, rather than abstracts "on behalf of someone else". For
> example, what challenges might HARICA face? Understanding that would help
> both make better ballots, and perhaps highlight industry good practices
> from other CAs that HARICA could adopt so that these aren't concerns in the
> CAs need to update their validation code to allow ONLY these specific HTTP
> responses for redirects. This also needs to be applied consistently,
> including ACME implementations that may not currently support this
> configuration option. For example, I believe EJBCA does not have this
> option for their ACME server engine component.
> For HARICA, it's easy to update the main RA code but we currently rely on
> EJBCA for ACME and that might cause some delays.
> I hope this helps.
Yup! Makes total sense now :)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Servercert-wg