I'm writing my own ACME client for a deeply embedded IOT device.
If I have a standalone IOT device that is going to create a single account for just itself,
and then renew its certificate when it expires...
I've read elsewhere that account and server keys must be different.
Can I pre generate the account key and use the same account key across multiple devices/accounts?
What are the risks if the account key is not as secure as the device key?
Can I dynamically generate an account key, create an account.... get my device certificate then delete the account keeping the certificate valid?
Here is the use case I have a standalone IOT device providing a service paulshouse.fancythermostat.com
it generates an account key and a server key....
It goes through the whole process to get a certificate...
It renews etc...
At some point the IOT hardware dies....(no file system , no backups etc...)
It gets tossed in the trash....
fancythermostat sends out a new hardwar emodule with ZERO knowledge of the prior state of keys, certs etc....
The only thing it knows or gets configured for is its name paulshouse.
Its put in the same place as the previous thermostat it setup dynamic DNS or assumes the same address/DNS NAT passthrough as its predecessor....
Now it sets up a new account with new keys, and generates a new server key.... (all internal, nothing exposed) Will letsEncrypt let it ask for a new certificate for paulshouse.fancythermstat.com?
As it has lost ALL the keys for the previous occupent of paulshouse.fancythermostat.com is in the dumpster headed for a land fill....
If it wont allow that then how do you recover?
One approach would be to have a global compiled in account and account key for ALL fancythermstats.com,,,, and distribute it unchanged for all fancythermostats...
That seems insecure as any fancy thermostat that is ever compromised will give up its account info...