summaryrefslogtreecommitdiffstats
path: root/docs/reference/plugins/validation/dns/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/reference/plugins/validation/dns/index.md')
-rw-r--r--docs/reference/plugins/validation/dns/index.md19
1 files changed, 0 insertions, 19 deletions
diff --git a/docs/reference/plugins/validation/dns/index.md b/docs/reference/plugins/validation/dns/index.md
deleted file mode 100644
index 84251f5..0000000
--- a/docs/reference/plugins/validation/dns/index.md
+++ /dev/null
@@ -1,19 +0,0 @@
----
-sidebar: reference
----
-
-# DNS validation
-DNS validation works as follows:
-- For each domain, e.g. `sub.example.com`, the ACME server provides a
-challenge consisting of an `x` and `y` value. The truth is actually a little
-more complicated than that, but for the sake of this explanation it will suffice.
-- The client has to make sure that when the ACME server requests the TXT
-records for `_acme-challenge.sub.example.com`,
-there should be at least one record called `x` with content `"y"`.
-- There may be more than one validation lookup for the same token, e.g. from
-different locations or different protocols (IPv4/IPv6).
-- Let's Encrypt validates the DNSSEC chain.
-- Let's Encrypt follows CNAME records and respects delegated autority.
-- Let's Encrypt does *not* disclose the source locations of these lookups, which
-effectively means that the DNS records have to be public, at least for the duration of
-the validation. \ No newline at end of file
generated by cgit v1.1 at 2025-05-10 23:17:52 +0000