If you want to actually implement an ACME client from first principles, reading the RFC (plus related RFCs for JOSE etc) is probably easier than you think. I did exactly that when I made a client for myself.

I also wrote up a digested description of the issuance flow here: https://www.arnavion.dev/blog/2019-06-01-how-does-acme-v2-wo... It's not a replacement for reading the RFCs, but it presents the information in the sequence that you would follow for issuance, so think of it like an index to the RFC sections.

▲

anishathalye 2 months ago | parent | next [-]

Implementing an ACME client is part of the final lab assignment for MIT’s security class: https://css.csail.mit.edu/6.858/2023/labs/lab5.html

▲

Bluecobra 2 months ago | parent | next [-]

Nice thanks! I’ve been wanted to learn it as dealing with cert expirations every year is a pain. My guess is that we will have 24 hour certs at some point.

	▲	justusthane 2 months ago \| parent [-]
		I don’t know about 24 hours, but it will be 47 days in 2029.

▲

jazzyjackson 2 months ago | parent | prev [-]

Looks like a good class; is it only available to enrolled students? videos seem to be behind a log-in wall.

	▲	anishathalye 2 months ago \| parent [-]
		Looks like the 2023 lectures weren't uploaded to YouTube, but the lectures from earlier iterations of the class, including 2022, are available publicly. For example, see the YouTube links on https://css.csail.mit.edu/6.858/2022/ (6.858 is the old name of the class, it was renamed to 6.5660 recently.)

▲

distantsounds 2 months ago | parent | prev [-]

[flagged]

	▲	tomhow 2 months ago \| parent [-]
		Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes. Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something. https://news.ycombinator.com/newsguidelines.html