Cristian Le

@unreality A few things: - Could you add appropriate flags to `step ca init` to enable this in the `ca.json` generation - Clarify and/or add the options to add the...

If they implement their own acme like client, would it be possible to connect it to step's CA and inherit its features?

I was thinking about this issue again, and doesn't `step-ca` already support all the needed with `Certificate Templates`? Standard ACME would not be applicable, but using OAuth would be ideal...

@tashian are there plans for smallstep to host their own rpm repository? Otherwise, in order to get step integrated upstream, we would need to include at least a simple spec...

So the plan is to include the `.spec` file instead of using `nfpm`? I do support that just for the fact that we can have the packages pushed to distro...

I will try this out on a cloud node to see how it would affect other implementations. Will this become available to self-hosted `step-ca`, or only through `smallstep.com`?

Any info on how the `sshd` can process custom `Critical options`? I want to make a simple `AuthorizedPrincipalsCommands` to specify which machines and URLs it is allowed to access. I...

Indeed it is a big issue to tackle, but we'll get there eventually. On the implementation, consider coordinating with [polhenarejos/acme_email](https://github.com/polhenarejos/acme_email) on standardizing a discovery endpoint on the CA server. Probably...

If both parties have different CAs then yes, it would be less useful. But if they have different domains but connect to the same CA, you get the benefits of...

> (e.g., with DMARC? I didn't know DMARC did that though?) I did more digging on the DMARC part, and it seems there is no support for anything other than...