search

vanbroup / acme-auto-discovery

A mechanism for ACME clients to discover ACME server settings from a domain's CAA DNS record
https://vanbroup.github.io/acme-auto-discovery/draft-vanbrouwershaven-acme-auto-discovery.html
Other
5 stars 3 forks source link

Additional feedback from Q #9

Closed ounsworth closed 1 year ago

ounsworth commented 1 year ago

I think priority=0 should be the same as specifying no priority at all. That is priority defaults to 0 unless otherwise specified.

I would also suggest the wording: "The ACME client analyzes the valid CAA records, ignoring any it cannot process"

One final suggestion I've thought of is defining an 'Auto Discovery Critical' flag, that a client must be able to understand all parameters before proceeding with using this record, in case breaking parameters are added in future.

https://mailarchive.ietf.org/arch/msg/acme/bYU4pN4nqATifJasFkv5vUdSLmQ/

ounsworth commented 1 year ago

From Paul:

Humm, what if we change the discovery parameter so that instead of a Boolean that it can be "enabled", "disabled", "strict" or something? I just don't like to overload CAA with even more parameters.

Paul may have already updated text to address this.

vanbroup commented 1 year ago

I would also suggest the wording: "The ACME client analyzes the valid CAA records, ignoring any it cannot process"

This was addressed in 599df05

vanbroup commented 1 year ago

From Paul:

Humm, what if we change the discovery parameter so that instead of a Boolean that it can be "enabled", "disabled", "strict" or something? I just don't like to overload CAA with even more parameters.

Paul may have already updated text to address this.

@ounsworth what is your thought on this?

ounsworth commented 1 year ago

Looks good.