Please indicate when and if ARI (ACME Revocation Information) is supported
jb-wisemo opened this issue · comments
Let's Encrypt and the Google CA have added support for the ARI extension to the ACME2 protocol, where the ACME server can tell the client if it should renew at a different time than the usual default.
Latest draft RFC is at draft-ietf-acme-ari, it differs from some earlier drafts.
Hi @jb-wisemo,
When I saw "revocation information", I thought for a second that could be about the revocation reason (which was recently added to the code but has not been pushed yet), but looks like it is different case. After reading the document you have referenced, it is not very clear to me how useful that functionality actually is, especially that it requires the client to specify which certificate is being replaced (and the client does not necessarily have to be run with the information about the previous certificate provided). Could you describe the use case which would illustrate the benefits of having such functionality added? Thanks.