Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please indicate when and if ARI (ACME Revocation Information) is supported #91

Open
jb-wisemo opened this issue May 29, 2024 · 1 comment
Open

Please indicate when and if ARI (ACME Revocation Information) is supported #91

jb-wisemo opened this issue May 29, 2024 · 1 comment
Assignees
@do-know

Comments

@jb-wisemo
Copy link

Let's Encrypt and the Google CA have added support for the ARI extension to the ACME2 protocol, where the ACME server can tell the client if it should renew at a different time than the usual default.

Latest draft RFC is at draft-ietf-acme-ari, it differs from some earlier drafts.
@do-know
Copy link
Owner

do-know commented Jun 1, 2024

Hi @jb-wisemo,

When I saw "revocation information", I thought for a second that could be about the revocation reason (which was recently added to the code but has not been pushed yet), but looks like it is different case. After reading the document you have referenced, it is not very clear to me how useful that functionality actually is, especially that it requires the client to specify which certificate is being replaced (and the client does not necessarily have to be run with the information about the previous certificate provided). Could you describe the use case which would illustrate the benefits of having such functionality added? Thanks.

@do-know do-know self-assigned this Jun 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@do-know do-know

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jb-wisemo @do-know