Open vanbroup opened 9 months ago
Security Consideration 9.3 needs to be re-written in light of the existence of the ACME-Client-Discovery draft and the fact that we are now expecting clients (CSPs) to use the same ACME client key for all their customers. We do not believe that there is any increased security risk given that the CSP already has DNS control of the customer's domain; especially coupled with a client authorization mechanism as described in the ACME-Client-Discovery draft.
Needs a small amount of thought, but should be straightforward to re-write.
It's implied that cloud service providers (i.e., a specific ACME account key) can request certificates for any domain for which they can demonstrate domain control; there is an open question about whether a mechanism should exist whereby subscribers can explicitly authorize a given cloud service provider to issue a certificate with a given subject name (OV/EV).
We should evaluate the Security Considerations for situations where the ACME account key is managed by a Cloud Service Provider and shared between multiple subscribers.