HTTP-01 requires control over the webserver that the A-Record points to. This may not be possible for embedded devices and is not possible for devices not exposed to the internet. It is problematic if the A-Record points to more than one address, e.g. with geo-based DNS resolution.
DNS-01 requires automatic access to DNS, which is much more complex than http-01.
It would be great to allow the http-01 challenge to be located on a dedicated server. This could be done by using a certain TXT or SRV record that points to a host or URI that should be used for the challenge.
_letsencrypt-acme-challenge-http-01 IN TXT "http://acme.mydomain.com/acme-challenge"
A similar request was proposed at "Shouldn't verification via DNS record be a priority?"
The advantage of this solution is that it is only a minimal change to http-01 and that it would not influence the security of http-01 (an attacker who can change the special TXT record could also change NS or A records, so that won’t make a difference).
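
The lookup order this proposal implies, sketched as an added example that is not part of the original post or of any ACME implementation: a validator checks the delegation TXT record first and falls back to the normal http-01 location when it is absent. The names `challenge_url`, `txt_lookup` and `DelegationError` are hypothetical; appending the token to the delegated path, rejecting anything but port 80, and failing closed on multiple records are assumptions, since the post does not specify them.

```python
import re
from urllib.parse import urlsplit

DELEGATION_LABEL = "_letsencrypt-acme-challenge-http-01"  # record name from the post
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")  # base64url alphabet, as ACME tokens use


class DelegationError(ValueError):
    """The delegation record exists but cannot be used safely."""


def challenge_url(domain, token, txt_lookup):
    """Return the URL a validator would fetch for `token`.

    txt_lookup(name) -> list of TXT strings; a stand-in for a real resolver.
    """
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("token must be base64url")
    records = txt_lookup(f"{DELEGATION_LABEL}.{domain}")
    if not records:
        # No delegation record: the unchanged http-01 location.
        return f"http://{domain}/.well-known/acme-challenge/{token}"
    if len(records) > 1:
        # Assumption: ambiguous delegation fails closed instead of picking one.
        raise DelegationError("more than one delegation record")
    target = urlsplit(records[0].strip().strip('"'))
    if target.scheme != "http" or not target.hostname:
        raise DelegationError("target must be an http:// URL with a host")
    if target.username or target.password or target.query or target.fragment:
        raise DelegationError("userinfo, query and fragment are not allowed")
    if target.port not in (None, 80):
        # Assumption: keep http-01's port 80 restriction for the delegated host.
        raise DelegationError("http-01 is validated on port 80 only")
    return f"http://{target.hostname}{target.path.rstrip('/')}/{token}"


# Constructed sample zone data, not real records.
SAMPLE_ZONE = {
    "_letsencrypt-acme-challenge-http-01.device.mydomain.com":
        ['"http://acme.mydomain.com/acme-challenge"'],
    "_letsencrypt-acme-challenge-http-01.bad.mydomain.com":
        ['"http://acme.mydomain.com:8080/acme-challenge"'],
}


def sample_lookup(name):
    """Return the constructed TXT records for `name`, or an empty list."""
    return SAMPLE_ZONE.get(name, [])
```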