<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Acme on TurboLight Solutions</title><link>https://www.turbolightsolutions.com/tags/acme/</link><description>Recent content in Acme on TurboLight Solutions</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Wed, 01 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://www.turbolightsolutions.com/tags/acme/index.xml" rel="self" type="application/rss+xml"/><item><title>What's holding up the rollout of persistent domain validation for ACME?</title><link>https://www.turbolightsolutions.com/posts/dns-persist-01-rollout-blocked-by-security-issue/</link><pubDate>Wed, 01 Jul 2026 00:00:00 +0000</pubDate><guid>https://www.turbolightsolutions.com/posts/dns-persist-01-rollout-blocked-by-security-issue/</guid><description>&lt;p&gt;There is a new ACME validation method, &lt;code&gt;dns-persist-01&lt;/code&gt;, being standardized at the IETF, and it has even been rolled out to Let&amp;rsquo;s Encrypt&amp;rsquo;s staging environment. However, an unresolved security concern is blocking progress on both the standard and the production rollout at Let&amp;rsquo;s Encrypt.&lt;/p&gt;
&lt;h2 id="dns-persist-01-dns-propagation-delays-begone"&gt;&lt;code&gt;dns-persist-01&lt;/code&gt;: DNS propagation delays begone!&lt;/h2&gt;
&lt;p&gt;While ACME has had a DNS-based validation method (&lt;code&gt;dns-01&lt;/code&gt;) since the very beginning&lt;sup id="fnref:1"&gt;&lt;a href="#fn:1" class="footnote-ref" role="doc-noteref"&gt;1&lt;/a&gt;&lt;/sup&gt;, it requires real-time updates to DNS for every validation attempt. This creates two issues:&lt;/p&gt;</description></item></channel></rss>