Re: [Acme] kinds of proof
Tony Arcieri <bascule@gmail.com> Sun, 30 November 2014 03:37 UTC
Return-Path: <bascule@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D684C1A0151 for <acme@ietfa.amsl.com>; Sat, 29 Nov 2014 19:37:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P8Xw-pupGdyJ for <acme@ietfa.amsl.com>; Sat, 29 Nov 2014 19:37:14 -0800 (PST)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37A841A014C for <acme@ietf.org>; Sat, 29 Nov 2014 19:37:14 -0800 (PST)
Received: by mail-oi0-f44.google.com with SMTP id e131so6079083oig.3 for <acme@ietf.org>; Sat, 29 Nov 2014 19:37:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=PBEiZjl90ayI6UNsgQP40AscfZOUyohnP/qG5rmEpBk=; b=v+2saDRySf+gvJFQtcvYH4xP/+Q4sgjFrU4zosYCGdIknd2MeQsKs4gl5bpA68M8iE bL2pL7xa8u7KBb1LJBzV+15X1Bk32TrDDaivlWbV8o/yPQhwWOz+YZzpKLzSbd+tVj4H gu5YKt92is0tErblmBxJQESvSwIpfyYI18A1e5MItMvnqelPZ0y1kutEHjovL0bH42mq QxgEagUzdWA09rhWTs0vScUobPQmkHksfnTwxzHirB4WLmOFgN+wqaNY9cAZ6ZCOx2Ja 0igS4G1NWAGsJARCGR/TSk3wFxcut7aF4lYujlH18EjlahfISK+VL872qBxfjtLZcEzf TcVg==
X-Received: by 10.60.155.194 with SMTP id vy2mr5740495oeb.62.1417318633367; Sat, 29 Nov 2014 19:37:13 -0800 (PST)
MIME-Version: 1.0
Received: by 10.60.81.233 with HTTP; Sat, 29 Nov 2014 19:36:53 -0800 (PST)
In-Reply-To: <2B947AA7-1F40-4935-B003-F86A4FF4BB3A@vpnc.org>
References: <m27fyg4yzg.wl%randy@psg.com> <547754C0.9050306@cs.tcd.ie> <20141127211348.GE25114@mournblade.imrryr.org> <54784C61.2080508@cs.tcd.ie> <20141128170917.GC285@mournblade.imrryr.org> <88B49E1D-1601-4B86-8D93-14CF71501DFC@vpnc.org> <20141128213724.GG285@mournblade.imrryr.org> <7261AA75-5912-4514-A393-94F602C941C2@vpnc.org> <20141129170537.GK285@mournblade.imrryr.org> <046F438F-6230-4A3A-8A5C-708BA91E002B@vpnc.org> <20141129221139.GL285@mournblade.imrryr.org> <2B947AA7-1F40-4935-B003-F86A4FF4BB3A@vpnc.org>
From: Tony Arcieri <bascule@gmail.com>
Date: Sat, 29 Nov 2014 19:36:53 -0800
Message-ID: <CAHOTMVKHXFdiuvQP6WYSM27WsL0GXgUkxOtQMCWpU9HTiTQ=AA@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: multipart/alternative; boundary="089e0102dd06acef4b05090b3589"
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/0iGH5uJ5VS02AYtTl04fLwZaDmY
Cc: acme@ietf.org
Subject: Re: [Acme] kinds of proof
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Nov 2014 03:37:16 -0000
On Sat, Nov 29, 2014 at 7:29 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote: > I think this will have to be an "agree to disagree" situation. The Let's > Encrypt promotional material indicates that they want to get more HTTPS out > in the world, so they need to deal with the huge number of folks who use > hosting companies and thus have no DNS control. I believe that is a great > goal. I haven't fully been keeping up on the conversation, but if you're not using DNS, what proof can be given over plaintext HTTP alone that isn't susceptible to MitM attacks? DNS seems like a better foundation to build on.
- [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Joe Hildebrand (jhildebr)
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Michael Jenkins
- Re: [Acme] ACME or EST? Stephen Farrell
- [Acme] first order requirement - suitable as an o… Stephen Farrell
- Re: [Acme] ACME or EST? Salz, Rich
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] ACME or EST? Joe Hildebrand (jhildebr)
- Re: [Acme] ACME or EST? Stephen Farrell
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Viktor Dukhovni
- Re: [Acme] ACME or EST? Christian Huitema
- [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Christian Huitema
- [Acme] kinds of proof (was: Re: ACME or EST?) Stephen Farrell
- Re: [Acme] kinds of proof (was: Re: ACME or EST?) Phillip Hallam-Baker
- Re: [Acme] kinds of proof Stephen Farrell
- Re: [Acme] kinds of proof Salz, Rich
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Eric Rescorla
- Re: [Acme] ACME or EST? Eliot Lear
- Re: [Acme] kinds of proof (was: Re: ACME or EST?) Viktor Dukhovni
- Re: [Acme] kinds of proof Phillip Hallam-Baker
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Nico Williams
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Tony Arcieri
- Re: [Acme] kinds of proof Eric Mill
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Christian Huitema
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Phillip Hallam-Baker
- Re: [Acme] kinds of proof Trevor Freeman
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] kinds of proof Martin Thomson