IETF Logo Mail Archive

Re: [Acme] ACME breaking change: Most GETs become POSTs

"Salz, Rich" <rsalz@akamai.com> Fri, 31 August 2018 14:51 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D838130E5C for <acme@ietfa.amsl.com>; Fri, 31 Aug 2018 07:51:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.71
X-Spam-Level:
X-Spam-Status: No, score=-2.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s9udkMqnR4Fw for <acme@ietfa.amsl.com>; Fri, 31 Aug 2018 07:51:55 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED594130E65 for <acme@ietf.org>; Fri, 31 Aug 2018 07:51:54 -0700 (PDT)
Received: from pps.filterd (m0050096.ppops.net [127.0.0.1]) by m0050096.ppops.net-00190b01. (8.16.0.22/8.16.0.22) with SMTP id w7VEhgPm013399; Fri, 31 Aug 2018 15:51:12 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=RzsO5xfjkaN55BWCkJaDvdOfIyu++NAQo3t61PTqzzM=; b=U9f4gy52eDJOZ/CIw27X1cEJJcYyu//qOoAIQwuVEcB/vtpbLnZIwo26YSAcnUlxqii0 zwM1n2yJvbdJzKmrOkGoa0Vk8XNlTxX2CACPrh9KgVj/vurrSeUdriKlaV9qd/nDc55n lKuLFngUm3XSdw0yOkf/nIeRRVOCU+9Acw9DDYfjyorvrfRXNSRMWcu8Dzis5TJu4rI5 tMkyILfVDM4SNUKmMZ6wIEdHfMB0wAb0L5KJpBh9WELfElWn2d1EvxnG6TSk//AaXHcY XtMGz0258m8eri+VsHDSjMfyefl9O5LMHbWPtW2u87EXphY8xCLELz5NFYl2sFIgL5Cs IA==
Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by m0050096.ppops.net-00190b01. with ESMTP id 2m74s6gqvb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 31 Aug 2018 15:51:12 +0100
Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.16.0.21/8.16.0.21) with SMTP id w7VEnoG6023354; Fri, 31 Aug 2018 10:51:11 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.57]) by prod-mail-ppoint1.akamai.com with ESMTP id 2m32evexrw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 31 Aug 2018 10:51:11 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb3.msg.corp.akamai.com (172.27.123.103) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Fri, 31 Aug 2018 10:51:11 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1365.000; Fri, 31 Aug 2018 10:51:11 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: Richard Barnes <rlb@ipv.sx>
CC: Felipe Gasper <felipe@felipegasper.com>, IETF ACME <acme@ietf.org>
Thread-Topic: [Acme] ACME breaking change: Most GETs become POSTs
Thread-Index: AQHUQLgY8IiFXRttpU2nfkigMDQFKKTZOZOAgAAP+ACAAOKMgP//vbOAgABEqID//8Q5AA==
Date: Fri, 31 Aug 2018 14:51:10 +0000
Message-ID: <B12CAB85-F5DC-4CC1-9F02-F4FC7AF88650@akamai.com>
References: <c33184f3-4e64-b7ea-babb-d29e2307f1f3@eff.org> <2a889461-da9e-d3bd-e5a8-688eda61c614@eff.org> <51509028-1939-4851-8BB5-41F94FA146A1@felipegasper.com> <CAL02cgTLEMAMZQicNvXzQrRnGeemrUojmGe_8r=e_YZCNazdsQ@mail.gmail.com> <D171FC21-64FA-4438-AF45-520B5AFEEBF7@akamai.com> <CAL02cgQXx0fBUuxa8ivwTk09J5h8tWiNP8b+8taY8wPJxLypeA@mail.gmail.com>
In-Reply-To: <CAL02cgQXx0fBUuxa8ivwTk09J5h8tWiNP8b+8taY8wPJxLypeA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.0.180812
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.45.105]
Content-Type: multipart/alternative; boundary="_000_B12CAB85F5DC4CC19F02F4FC7AF88650akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-08-31_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=484 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1808310155
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-08-31_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=483 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1808310154
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/1bRrqbgwO26C637K21Zq4iLwnLI>
Subject: Re: [Acme] ACME breaking change: Most GETs become POSTs
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Aug 2018 14:52:08 -0000

  *   The problem with using POST-as-GET for certificate resources, as Felipe I think pointed out, is that the thing that downloads the certificate URL is often not an ACME player, doesn't have an account, etc.  It's a web server or something.  (cf. the STAR drafts.)  What I'm saying is that it's painful to make them integrate with ACME and we don't get any benefit.

Oh right.  “Never mind.”

v2.23.0 | Report a Bug | By Email