diff --git a/acme_common/src/crypto/openssl_certificate.rs b/acme_common/src/crypto/openssl_certificate.rs
index b5fc3fe..bf7c506 100644
--- a/acme_common/src/crypto/openssl_certificate.rs
+++ b/acme_common/src/crypto/openssl_certificate.rs
@@ -44,7 +44,7 @@ impl Csr {
         if !subject_attributes.is_empty() {
             let mut snb = X509NameBuilder::new()?;
             for (sattr, val) in subject_attributes.iter() {
-                snb.append_entry_by_nid(sattr.get_nid(), &val)?;
+                snb.append_entry_by_nid(sattr.get_nid(), val)?;
             }
             let name = snb.build();
             builder.set_subject_name(&name)?;
@@ -52,10 +52,10 @@ impl Csr {
         let ctx = builder.x509v3_context(None);
         let mut san = SubjectAlternativeName::new();
         for dns in domains.iter() {
-            san.dns(&dns);
+            san.dns(dns);
         }
         for ip in ips.iter() {
-            san.ip(&ip);
+            san.ip(ip);
         }
         let san = san.build(&ctx)?;
         let mut ext_stack = Stack::new()?;
@@ -190,7 +190,7 @@ fn gen_certificate(
         if !v.is_empty() {
             return Err(Error::from(super::INVALID_EXT_MSG));
         }
-        let acme_ext = X509Extension::new(None, Some(&ctx), &acme_ext_name, &value)
+        let acme_ext = X509Extension::new(None, Some(&ctx), acme_ext_name, value)
             .map_err(|_| Error::from(super::INVALID_EXT_MSG))?;
         builder
             .append_extension(acme_ext)
diff --git a/acmed/src/account.rs b/acmed/src/account.rs
index 791a699..694a42c 100644
--- a/acmed/src/account.rs
+++ b/acmed/src/account.rs
@@ -206,7 +206,7 @@ impl Account {
         let acc_ep = self.get_endpoint(&endpoint.name)?;
         if !acc_ep.account_url.is_empty() {
             if let Some(ec) = &self.external_account {
-                let external_account_hash = hash_external_account(&ec);
+                let external_account_hash = hash_external_account(ec);
                 if external_account_hash != acc_ep.external_account_hash {
                     let msg = format!(
                         "external account changed on endpoint \"{}\"",
diff --git a/acmed/src/account/storage.rs b/acmed/src/account/storage.rs
index 46757fa..2bf6c6e 100644
--- a/acmed/src/account/storage.rs
+++ b/acmed/src/account/storage.rs
@@ -154,12 +154,12 @@ fn do_save(file_manager: &FileManager, account: &Account) -> Result<(), Error> {
     let past_keys = account
         .past_keys
         .iter()
-        .map(|k| AccountKeyStorage::new(&k))
+        .map(|k| AccountKeyStorage::new(k))
         .collect::<Result<Vec<AccountKeyStorage>, Error>>()?;
     let external_account = account
         .external_account
         .as_ref()
-        .map(|a| ExternalAccountStorage::new(&a));
+        .map(|a| ExternalAccountStorage::new(a));
     let account_storage = AccountStorage {
         name: account.name.to_owned(),
         endpoints,
diff --git a/acmed/src/acme_proto.rs b/acmed/src/acme_proto.rs
index cda046d..25450b7 100644
--- a/acmed/src/acme_proto.rs
+++ b/acmed/src/acme_proto.rs
@@ -124,7 +124,7 @@ pub fn request_certificate(
     for auth_url in order.authorizations.iter() {
         // Fetch the authorization
         let data_builder = set_empty_data_builder!(account, endpoint_name);
-        let auth = http::get_authorization(endpoint, &data_builder, &auth_url)
+        let auth = http::get_authorization(endpoint, &data_builder, auth_url)
             .map_err(HttpError::in_err)?;
         if let Some(e) = auth.get_error() {
             cert.warn(&e.prefix("error").message);
@@ -165,10 +165,10 @@ pub fn request_certificate(
         // Pool the authorization in order to see whether or not it is valid
         let data_builder = set_empty_data_builder!(account, endpoint_name);
         let break_fn = |a: &Authorization| a.status == AuthorizationStatus::Valid;
-        let _ = http::pool_authorization(endpoint, &data_builder, &break_fn, &auth_url)
+        let _ = http::pool_authorization(endpoint, &data_builder, &break_fn, auth_url)
             .map_err(HttpError::in_err)?;
         for (data, hook_type) in hook_datas.iter() {
-            cert.call_challenge_hooks_clean(&data, (*hook_type).to_owned())?;
+            cert.call_challenge_hooks_clean(data, (*hook_type).to_owned())?;
         }
         hook_datas.clear();
     }
@@ -226,7 +226,7 @@ pub fn request_certificate(
     let data_builder = set_empty_data_builder!(account, endpoint_name);
     let crt =
         http::get_certificate(endpoint, &data_builder, &crt_url).map_err(HttpError::in_err)?;
-    storage::write_certificate(&cert.file_manager, &crt.as_bytes())?;
+    storage::write_certificate(&cert.file_manager, crt.as_bytes())?;
 
     cert.info(&format!(
         "certificate renewed (identifiers: {})",
diff --git a/acmed/src/acme_proto/account.rs b/acmed/src/acme_proto/account.rs
index 8a01a92..26af4a4 100644
--- a/acmed/src/acme_proto/account.rs
+++ b/acmed/src/acme_proto/account.rs
@@ -115,7 +115,7 @@ pub fn update_account_key(endpoint: &mut Endpoint, account: &mut BaseAccount) ->
     let old_account_key = account.get_past_key(&ep.key_hash)?;
     let old_key = &old_account_key.key;
     let account_url = account.get_endpoint(&endpoint_name)?.account_url.clone();
-    let rollover_struct = AccountKeyRollover::new(&account_url, &old_key)?;
+    let rollover_struct = AccountKeyRollover::new(&account_url, old_key)?;
     let rollover_struct = serde_json::to_string(&rollover_struct)?;
     let rollover_payload = encode_jwk(
         &account.current_key.key,
@@ -126,7 +126,7 @@ pub fn update_account_key(endpoint: &mut Endpoint, account: &mut BaseAccount) ->
     )?;
     let data_builder = |n: &str, url: &str| {
         encode_kid(
-            &old_key,
+            old_key,
             &old_account_key.signature_algorithm,
             &account_url,
             rollover_payload.as_bytes(),
diff --git a/acmed/src/acme_proto/http.rs b/acmed/src/acme_proto/http.rs
index ca1f9f9..e4fa7b5 100644
--- a/acmed/src/acme_proto/http.rs
+++ b/acmed/src/acme_proto/http.rs
@@ -34,7 +34,7 @@ pub fn post_jose_no_response<F>(
 where
     F: Fn(&str, &str) -> Result<String, Error>,
 {
-    let _ = http::post_jose(endpoint, &url, data_builder)?;
+    let _ = http::post_jose(endpoint, url, data_builder)?;
     Ok(())
 }
 
@@ -78,7 +78,7 @@ pub fn get_authorization<F>(
 where
     F: Fn(&str, &str) -> Result<String, Error>,
 {
-    let response = http::post_jose(endpoint, &url, data_builder)?;
+    let response = http::post_jose(endpoint, url, data_builder)?;
     let auth = response.json::<Authorization>()?;
     Ok(auth)
 }
@@ -124,7 +124,7 @@ pub fn finalize_order<F>(
 where
     F: Fn(&str, &str) -> Result<String, Error>,
 {
-    let response = http::post_jose(endpoint, &url, data_builder)?;
+    let response = http::post_jose(endpoint, url, data_builder)?;
     let order = response.json::<Order>()?;
     Ok(order)
 }
@@ -139,7 +139,7 @@ where
 {
     let response = http::post(
         endpoint,
-        &url,
+        url,
         data_builder,
         http::CONTENT_TYPE_JOSE,
         http::CONTENT_TYPE_PEM,
diff --git a/acmed/src/config.rs b/acmed/src/config.rs
index 036cef2..2589330 100644
--- a/acmed/src/config.rs
+++ b/acmed/src/config.rs
@@ -84,7 +84,7 @@ impl Config {
     pub fn get_account_dir(&self) -> String {
         let account_dir = match &self.global {
             Some(g) => match &g.accounts_directory {
-                Some(d) => &d,
+                Some(d) => d,
                 None => crate::DEFAULT_ACCOUNTS_DIR,
             },
             None => crate::DEFAULT_ACCOUNTS_DIR,
@@ -100,7 +100,7 @@ impl Config {
                     hook_type: hook.hook_type.iter().map(|e| e.to_owned()).collect(),
                     cmd: hook.cmd.to_owned(),
                     args: hook.args.to_owned(),
-                    stdin: get_stdin(&hook)?,
+                    stdin: get_stdin(hook)?,
                     stdout: hook.stdout.to_owned(),
                     stderr: hook.stderr.to_owned(),
                     allow_failure: hook
@@ -114,7 +114,7 @@ impl Config {
             if name == grp.name {
                 let mut ret = vec![];
                 for hook_name in grp.hooks.iter() {
-                    let mut h = self.get_hook(&hook_name)?;
+                    let mut h = self.get_hook(hook_name)?;
                     ret.append(&mut h);
                 }
                 return Ok(ret);
@@ -193,7 +193,7 @@ pub struct GlobalOptions {
 impl GlobalOptions {
     pub fn get_renew_delay(&self) -> Result<Duration, Error> {
         match &self.renew_delay {
-            Some(d) => parse_duration(&d),
+            Some(d) => parse_duration(d),
             None => Ok(Duration::new(crate::DEFAULT_CERT_RENEW_DELAY, 0)),
         }
     }
@@ -222,7 +222,7 @@ pub struct Endpoint {
 impl Endpoint {
     pub fn get_renew_delay(&self, cnf: &Config) -> Result<Duration, Error> {
         match &self.renew_delay {
-            Some(d) => parse_duration(&d),
+            Some(d) => parse_duration(d),
             None => match &cnf.global {
                 Some(g) => g.get_renew_delay(),
                 None => Ok(Duration::new(crate::DEFAULT_CERT_RENEW_DELAY, 0)),
@@ -247,7 +247,7 @@ impl Endpoint {
     ) -> Result<crate::endpoint::Endpoint, Error> {
         let mut limits = vec![];
         for rl_name in self.rate_limits.iter() {
-            let (nb, timeframe) = cnf.get_rate_limit(&rl_name)?;
+            let (nb, timeframe) = cnf.get_rate_limit(rl_name)?;
             limits.push((nb, timeframe));
         }
         let mut root_lst: Vec<String> = vec![];
@@ -375,7 +375,7 @@ impl Account {
             Some(h) => {
                 let mut res = vec![];
                 for name in h.iter() {
-                    let mut h = cnf.get_hook(&name)?;
+                    let mut h = cnf.get_hook(name)?;
                     res.append(&mut h);
                 }
                 res
@@ -499,10 +499,10 @@ impl Certificate {
 
     pub fn get_crt_dir(&self, cnf: &Config) -> String {
         let crt_directory = match &self.directory {
-            Some(d) => &d,
+            Some(d) => d,
             None => match &cnf.global {
                 Some(g) => match &g.certificates_directory {
-                    Some(d) => &d,
+                    Some(d) => d,
                     None => crate::DEFAULT_CERT_DIR,
                 },
                 None => crate::DEFAULT_CERT_DIR,
@@ -532,7 +532,7 @@ impl Certificate {
     pub fn get_hooks(&self, cnf: &Config) -> Result<Vec<hooks::Hook>, Error> {
         let mut res = vec![];
         for name in self.hooks.iter() {
-            let mut h = cnf.get_hook(&name)?;
+            let mut h = cnf.get_hook(name)?;
             res.append(&mut h);
         }
         Ok(res)
@@ -540,7 +540,7 @@ impl Certificate {
 
     pub fn get_renew_delay(&self, cnf: &Config) -> Result<Duration, Error> {
         match &self.renew_delay {
-            Some(d) => parse_duration(&d),
+            Some(d) => parse_duration(d),
             None => {
                 let endpoint = self.do_get_endpoint(cnf)?;
                 endpoint.get_renew_delay(cnf)
@@ -599,7 +599,7 @@ impl Identifier {
                 }
             },
         };
-        crate::identifier::Identifier::new(t, &v, &self.challenge, &self.env)
+        crate::identifier::Identifier::new(t, v, &self.challenge, &self.env)
     }
 }
 
diff --git a/acmed/src/hooks.rs b/acmed/src/hooks.rs
index 7f18935..483b27f 100644
--- a/acmed/src/hooks.rs
+++ b/acmed/src/hooks.rs
@@ -161,7 +161,7 @@ where
         .spawn()?;
     match &hook.stdin {
         HookStdin::Str(s) => {
-            let data_in = render_template(&s, &data)?;
+            let data_in = render_template(s, &data)?;
             logger.trace(&format!(
                 "hook \"{}\": string stdin: {}",
                 hook.name, &data_in
@@ -170,7 +170,7 @@ where
             stdin.write_all(data_in.as_bytes())?;
         }
         HookStdin::File(f) => {
-            let file_name = render_template(&f, &data)?;
+            let file_name = render_template(f, &data)?;
             logger.trace(&format!(
                 "hook \"{}\": file stdin: {}",
                 hook.name, &file_name
@@ -207,7 +207,7 @@ where
     T: Clone + HookEnvData + Serialize,
 {
     for hook in hooks.iter().filter(|h| h.hook_type.contains(&hook_type)) {
-        call_single(logger, data, &hook).map_err(|e| e.prefix(&hook.name))?;
+        call_single(logger, data, hook).map_err(|e| e.prefix(&hook.name))?;
     }
     Ok(())
 }
diff --git a/acmed/src/http.rs b/acmed/src/http.rs
index cea2af0..62f07b3 100644
--- a/acmed/src/http.rs
+++ b/acmed/src/http.rs
@@ -115,7 +115,7 @@ fn new_nonce(endpoint: &mut Endpoint) -> Result<(), HttpError> {
 
 fn update_nonce(endpoint: &mut Endpoint, response: &Response) -> Result<(), Error> {
     if let Some(nonce) = response.headers().get(HEADER_NONCE) {
-        let nonce = header_to_string(&nonce)?;
+        let nonce = header_to_string(nonce)?;
         if !is_nonce(&nonce) {
             let msg = format!("{}: invalid nonce.", &nonce);
             return Err(msg.into());
@@ -198,7 +198,7 @@ where
     }
     for _ in 0..crate::DEFAULT_HTTP_FAIL_NB_RETRY {
         let nonce = &endpoint.nonce.clone().unwrap_or_default();
-        let body = data_builder(&nonce, url)?;
+        let body = data_builder(nonce, url)?;
         rate_limit(endpoint);
         log::trace!("POST request body: {}", body);
         let response = session.post(url).text(&body).send()?;
diff --git a/acmed/src/main.rs b/acmed/src/main.rs
index eebe8fc..9deb3fb 100644
--- a/acmed/src/main.rs
+++ b/acmed/src/main.rs
@@ -69,7 +69,7 @@ fn main() {
                 .help("Path to the main configuration file")
                 .takes_value(true)
                 .value_name("FILE")
-                .default_value(&DEFAULT_CONFIG_FILE),
+                .default_value(DEFAULT_CONFIG_FILE),
         )
         .arg(
             Arg::with_name("log-level")
@@ -104,7 +104,7 @@ fn main() {
                 .help("Path to the PID file")
                 .takes_value(true)
                 .value_name("FILE")
-                .default_value(&DEFAULT_PID_FILE),
+                .default_value(DEFAULT_PID_FILE),
         )
         .arg(
             Arg::with_name("root-cert")
@@ -140,7 +140,7 @@ fn main() {
     );
 
     let config_file = matches.value_of("config").unwrap_or(DEFAULT_CONFIG_FILE);
-    let mut srv = match MainEventLoop::new(&config_file, &root_certs) {
+    let mut srv = match MainEventLoop::new(config_file, &root_certs) {
         Ok(s) => s,
         Err(e) => {
             error!("{}", e);
diff --git a/tacd/src/main.rs b/tacd/src/main.rs
index a9aed1e..c1c91b1 100644
--- a/tacd/src/main.rs
+++ b/tacd/src/main.rs
@@ -89,7 +89,7 @@ fn main() {
                 .help("Host and port to listen on")
                 .takes_value(true)
                 .value_name("host:port|unix:path")
-                .default_value(&DEFAULT_LISTEN_ADDR),
+                .default_value(DEFAULT_LISTEN_ADDR),
         )
         .arg(
             Arg::with_name("domain")
@@ -176,7 +176,7 @@ fn main() {
                 .help("Path to the PID file")
                 .takes_value(true)
                 .value_name("FILE")
-                .default_value(&DEFAULT_PID_FILE),
+                .default_value(DEFAULT_PID_FILE),
         )
         .get_matches();