Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Descibe certbot use-case #116

Open
pawel-kow opened this issue Jan 24, 2025 · 0 comments
Open

Descibe certbot use-case #116

pawel-kow opened this issue Jan 24, 2025 · 0 comments
Labels
IETF Issues reported from IETF process

Comments

@pawel-kow
Copy link
Member

I expect you all know Certbot, the nifty little client that speaks to letsencrypt and obtains/updates certificates. If you ask it for a wildcard certificate it'll ask you to add/update a certain TXT record.

[PK] Certbot is a good example, which likely requires different handling than the Mox. Mox I would expect does more less one-off setup, where all RRs won't be changing any later, at least not in an unsupervised mode - only after configuration change of any sort. This is good for a synchronous flow. Certbot would rather expect to be able to renew the certificate after 3 months, so an asynchronous flow would be appropriate. It would have some specifics that DNS provider would have to care of, like having refresh token with lifespan long enough to match the renewal cycle. Anyway this is working in the protocol, there is an open source dynamic DNS client doing just that and heavily used in the wild.
@pawel-kow pawel-kow added the IETF Issues reported from IETF process label Jan 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
IETF Issues reported from IETF process
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pawel-kow