Closed igarashi50 closed 6 years ago
Many thanks for your proposal! I merged it but I'm concerned about:
Many thanks for your proposal! I merged it but I'm concerned about: 'NDO' should be 'DNO' ?
Thanks, it is a typo. I will change to 'DNO'.
Isn't it necessary for NDC to achieve an ACME challenge in the refresh step? If it is true, I think NDC cannot refresh the certificate in STAR-compliant way because NDC cannot control the DNS entry directly and cannot choose a HTTP-based ACME challenge.
The draft of STAR does not clearly state an ACME challenge at the refresh step. 2.2 Refresh in STAR. I guess that the refresh will be automatically by ACME Server and STAR Server(NDO), so NDC communicates only with ACME server to refresh the cert. I need to study this furthermore.
I am thinking of an example about STAR solution in local network. Please review it and make your comments.