Brian Sniffen commented on the mention of CDN in the discussion of
delegation tokens.
If N multiple domains on a CDN are acceptable fronts, then we may
want some way to indicate this without publishing and maintaining N
separate tokens.
Those multiple domains will not share TLS keys (or will be under a TLS
wildcard), so delegation to a certificate is enough to cover this. I
think you can just cut this paragraph, but maybe I don't know something
about some sort of CDN?
This is probably a rejoinder to the previous issue, that the specification
of delegation tokens needs some work.
Brian Sniffen commented on the mention of CDN in the discussion of delegation tokens.
Those multiple domains will not share TLS keys (or will be under a TLS wildcard), so delegation to a certificate is enough to cover this. I think you can just cut this paragraph, but maybe I don't know something about some sort of CDN?
This is probably a rejoinder to the previous issue, that the specification of delegation tokens needs some work.