Closed aarongable closed 5 months ago
There's still not a version of this that I like. The suggestions in that thread and the associated mailing list thread are unworkable: complex mechanisms for listing all certs whose suggested windows have changed based on their issuance time or validation method are just a reinvention of CRLs. Simpler methods (e.g. a page-able per-account endpoint) may still be in the cards, but I haven't seen people really asking for those, I've just offered them as an alternative to other requests.
Given that we still haven't developed a version of this that we like, I'm going to close this out. I don't think it's worth it.
This would allow clients which manage many certs to get all of the relevant info in a single request. As requested here: https://community.letsencrypt.org/t/thoughts-from-starting-to-play-with-ari/200276