I already had suggested this. Because it is “stupid” to change the DNS for the challenge.
- Publish the challenge response via DNS
Better is publish an public key or key fingerprint
- Prove in the challenge that you have access to the public key.
Less json calls, and less modifications to the dns.
- Less updates in the DNS caches.