Re: [Acme] Add a special token parameter in ACME registration
"J.C. Jones" <jjones@mozilla.com> Mon, 15 August 2016 15:53 UTC
Return-Path: <jjones@mozilla.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 710FC12B049 for <acme@ietfa.amsl.com>; Mon, 15 Aug 2016 08:53:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mozilla.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AzwdPLFgkjYZ for <acme@ietfa.amsl.com>; Mon, 15 Aug 2016 08:53:23 -0700 (PDT)
Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50B3C12B050 for <Acme@ietf.org>; Mon, 15 Aug 2016 08:53:23 -0700 (PDT)
Received: by mail-qk0-x22b.google.com with SMTP id f123so46081701qkd.1 for <Acme@ietf.org>; Mon, 15 Aug 2016 08:53:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mozilla.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=p4lsz5JmlMzHzL0TTdx6fkj6Z8xm+mYHqL0RV0bDGDk=; b=TrUDe47JWWHU9MQlnP+jMFTcJQPtP0nLjnv11iRtesSu9XTdu14l4pp2ODkRScCN15 sL3TxC3Gid9NrBW0nQzMHoKrEnijY+5vW8iKCkTP8ghXw2wCNpGIrkxHucFCEmVQ3JqU 5xCDVLVw5VP3KR1JDD6+TGywz3CEeiJO5l9ng=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=p4lsz5JmlMzHzL0TTdx6fkj6Z8xm+mYHqL0RV0bDGDk=; b=BVYHVTfAxudu4ktUR3pNwo9k3d37mHrrZ7FukYmW5XNN9PlyvgadmqnJ0ZtwRLaS4b g1VGp5Maa4QCl1BhpsiJkx8lkJctmzmn2IimS6oxcckGLNb9/TRojAcOWh2tiNp+gid+ dbW5PGkQRFxQrTMaljM0TkSZdda0Am2SrLdfIcK4zlgPve2V7SM5eKR2GOIZUGSlqfju UDmO4TElXV63R2ETFz2HTmy2kGOON4W8ucnbe26ctV4QugiTtLHC1TUrHaObnUDJHcbE xF+QVTEntVtvs33v8mMzgJO4LFQwsKEKN7eBpR9seiIK7eu2dBQ+9wNjCjw7jQBJzf/n NG9g==
X-Gm-Message-State: AEkoouuNU9yBxxONL+5xaMz//g4l8iturEru1JBxaoVHAyNiQm7fcFJLWUl0Le1Qdm5EYARWhNl6KN6MBXeTVnW3
X-Received: by 10.55.22.144 with SMTP id 16mr32661525qkw.255.1471276402409; Mon, 15 Aug 2016 08:53:22 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.55.40.18 with HTTP; Mon, 15 Aug 2016 08:53:02 -0700 (PDT)
In-Reply-To: <236F64DDDC83C742A24E89E6E215CFC7E4CFB7@mx3.startssl.com>
References: <236F64DDDC83C742A24E89E6E215CFC7E4CFB7@mx3.startssl.com>
From: "J.C. Jones" <jjones@mozilla.com>
Date: Mon, 15 Aug 2016 08:53:02 -0700
Message-ID: <CAObDDPAEaiWE0Apao_sWin2njhC+CjQuw1D07upTsn4=BQQZnQ@mail.gmail.com>
To: Andy Ligg <andy@startssl.com>
Content-Type: multipart/alternative; boundary="001a1147b61e555cbd053a1e3b16"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/0DiRKoQjZ4qWTbJcq3pNNSghk9c>
Cc: "Acme@ietf.org" <Acme@ietf.org>
Subject: Re: [Acme] Add a special token parameter in ACME registration
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2016 15:53:25 -0000
Hi Andy, I'm not sure I follow exactly what the format of this token would be, or what message(s) in the protocol you'd like to add it to. Perhaps you can make some specific recommendations - even if they're tentative examples - for the WG to look at and reason through? Thanks! J.C. On Sun, Aug 14, 2016 at 9:10 PM, Andy Ligg <andy@startssl.com> wrote: > Hi all, > > StartCom plan to use ACME protocol for StartEncrypt, we need to identify > the client's validation level, so the subscriber administration can > generate a special token in the StartSSL.com account that send this token > to the email address used in the ACME registration. > > At the registration, user need to enter email and this token with the > certificate to let the CA system know this customer's validation level. > After the CA system receive the email, the token and signing certificate, > CA system know what type of certificate we can issue to this client; if > this client account is class 4 validated, then the client can get EV SSL > certificate, not DV SSL. > please add this a parameter to the ACME protocol, thanks. > > Best Regards, > > Andy Ligg > StartCom > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme >
- Re: [Acme] Add a special token parameter in ACME … Andrew Ayer
- Re: [Acme] Add a special token parameter in ACME … Andy Ligg
- Re: [Acme] Add a special token parameter in ACME … Andy Ligg
- Re: [Acme] Add a special token parameter in ACME … Richard Barnes
- Re: [Acme] Add a special token parameter in ACME … Martin Thomson
- Re: [Acme] Add a special token parameter in ACME … Richard Barnes
- Re: [Acme] Add a special token parameter in ACME … Jacob Hoffman-Andrews
- Re: [Acme] Add a special token parameter in ACME … Andy Ligg
- Re: [Acme] Add a special token parameter in ACME … Andy Ligg
- Re: [Acme] Add a special token parameter in ACME … Jacob Hoffman-Andrews
- Re: [Acme] Add a special token parameter in ACME … J.C. Jones
- [Acme] Add a special token parameter in ACME regi… Andy Ligg