[Acme] FW: Fwd: New Version Notification for draft-ietf-acme-star-delegation-01.txt
"Salz, Rich" <rsalz@akamai.com> Tue, 27 August 2019 15:11 UTC
Return-Path: <rsalz@akamai.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE0B0120827 for <acme@ietfa.amsl.com>; Tue, 27 Aug 2019 08:11:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fHU3N-9BF8Is for <acme@ietfa.amsl.com>; Tue, 27 Aug 2019 08:11:13 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DEA16120831 for <acme@ietf.org>; Tue, 27 Aug 2019 08:11:13 -0700 (PDT)
Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.42/8.16.0.42) with SMTP id x7RF5MSZ007330 for <acme@ietf.org>; Tue, 27 Aug 2019 16:11:13 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=Y1QUcsizMKrcHGVsXOBTLc+hUFeHClrGvqG6O6WLf6s=; b=ffHrgXR/j49tjIS3ZKvQd94N0uGt8yRsHb/BW4BhDvIO4/UsRebwYAIeX4CG03iX0n90 /YYsVn1/gr7GqeJUaJFwCbEOYCgmPHV068ktKaqonnd28+az5kq0kBsT8M0zcecPzKsa 52KgpQV1bFn3hNt0/9A2tnAhzaxEBe2/31LwZnKH4DhiAb6y/uvQOF57bIQi1+aiseev 6jRaxLbMiie9krZ+6lJvua0wRjtLc+UW+64x4Fa6C91GZ4NgVuZ/py2Jo9+5wTn4yPFa gMFpQWpVrTs8wkSZOfC1pFOhUcARMBYH8c+Nq1t7Pf97narn7W9LdNwdocjlX9o4PHH4 Ag==
Received: from prod-mail-ppoint7 (prod-mail-ppoint7.akamai.com [96.6.114.121] (may be forged)) by m0050093.ppops.net-00190b01. with ESMTP id 2ujwcmd6pj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <acme@ietf.org>; Tue, 27 Aug 2019 16:11:13 +0100
Received: from pps.filterd (prod-mail-ppoint7.akamai.com [127.0.0.1]) by prod-mail-ppoint7.akamai.com (8.16.0.27/8.16.0.27) with SMTP id x7RF66ak025186 for <acme@ietf.org>; Tue, 27 Aug 2019 11:11:12 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.31]) by prod-mail-ppoint7.akamai.com with ESMTP id 2uk0jwd9vg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <acme@ietf.org>; Tue, 27 Aug 2019 11:11:12 -0400
Received: from USMA1EX-DAG1MB5.msg.corp.akamai.com (172.27.123.105) by usma1ex-dag3mb2.msg.corp.akamai.com (172.27.123.59) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 27 Aug 2019 11:11:10 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb5.msg.corp.akamai.com (172.27.123.105) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 27 Aug 2019 11:11:09 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1473.005; Tue, 27 Aug 2019 11:11:09 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [Acme] Fwd: New Version Notification for draft-ietf-acme-star-delegation-01.txt
Thread-Index: AQHVXKCtN3735+drqkCtgOuZMR+Sx6cPGg6A
Date: Tue, 27 Aug 2019 15:11:09 +0000
Message-ID: <B446D8E1-0563-4D24-BFA3-D77FA5A97B40@akamai.com>
References: <156688663499.2633.13348873823926960427.idtracker@ietfa.amsl.com> <0d62ec19-399c-94e7-a44a-098ccf99bc7e@gmail.com>
In-Reply-To: <0d62ec19-399c-94e7-a44a-098ccf99bc7e@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1c.0.190812
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.37.129]
Content-Type: text/plain; charset="utf-8"
Content-ID: <D2955C0B5FC8C949905E6C10788A1E86@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-08-27_03:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908270155
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:5.22.84,1.0.8 definitions=2019-08-27_03:2019-08-27,2019-08-27 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 clxscore=1011 adultscore=0 mlxscore=0 suspectscore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 phishscore=0 priorityscore=1501 mlxlogscore=999 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1906280000 definitions=main-1908270155
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/AsQwACHrbp8QYgyYHEOeW-eWs2s>
Subject: [Acme] FW: Fwd: New Version Notification for draft-ietf-acme-star-delegation-01.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Aug 2019 15:11:16 -0000
Colleagues, I encourage you to read this draft and post comments, if any, to the list. A structure for delegation opens up ACME to a large number of use cases. On 8/27/19, 2:28 AM, "Yaron Sheffer" <yaronf.ietf@gmail.com> wrote: The new version contains some significant changes: - Addition of the STIR use case. - Refinement of the CDNI use case. - Addition of the CSR template (partial, more work required). - Further security considerations (work in progress). Thanks, Yaron -------- Forwarded Message -------- Subject: New Version Notification for draft-ietf-acme-star-delegation-01.txt Date: Mon, 26 Aug 2019 23:17:15 -0700 From: internet-drafts@ietf.org To: Yaron Sheffer <yaronf.ietf@gmail.com>, Thomas Fossati <thomas.fossati@nokia.com>, Antonio Agustin Pastor Perales <antonio.pastorperales@telefonica.com>, Antonio Pastor <antonio.pastorperales@telefonica.com>, Diego Lopez <diego.r.lopez@telefonica.com> A new version of I-D, draft-ietf-acme-star-delegation-01.txt has been successfully submitted by Yaron Sheffer and posted to the IETF repository. Name: draft-ietf-acme-star-delegation Revision: 01 Title: An ACME Profile for Generating Delegated STAR Certificates Document date: 2019-08-26 Group: acme Pages: 17 URL: https://www.ietf.org/internet-drafts/draft-ietf-acme-star-delegation-01.txt Status: https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/ Htmlized: https://tools.ietf.org/html/draft-ietf-acme-star-delegation-01 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-delegation Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-delegation-01 Abstract: This memo proposes a profile of the ACME protocol that allows the owner of an identifier (e.g., a domain name) to delegate to a third party access to a certificate associated with said identifier. A primary use case is that of a CDN (the third party) terminating TLS sessions on behalf of a content provider (the owner of a domain name). The presented mechanism allows the owner of the identifier to retain control over the delegation and revoke it at any time by cancelling the associated STAR certificate renewal with the ACME CA. Another key property of this mechanism is it does not require any modification to the deployed TLS ecosystem. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
- [Acme] Fwd: New Version Notification for draft-ie… Yaron Sheffer
- [Acme] FW: Fwd: New Version Notification for draf… Salz, Rich
- Re: [Acme] Fwd: New Version Notification for draf… Ryan Sleevi
- Re: [Acme] Fwd: New Version Notification for draf… Thomas Fossati
- Re: [Acme] Fwd: New Version Notification for draf… Yaron Sheffer
- Re: [Acme] Fwd: New Version Notification for draf… Ryan Sleevi
- Re: [Acme] Fwd: New Version Notification for draf… Yaron Sheffer