Re: [Acme] Proposed ACME Charter Language
Ted Hardie <ted.ietf@gmail.com> Wed, 13 May 2015 22:59 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B97421B31BC for <acme@ietfa.amsl.com>; Wed, 13 May 2015 15:59:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rwUxzRPgeQx1 for <acme@ietfa.amsl.com>; Wed, 13 May 2015 15:59:13 -0700 (PDT)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com [IPv6:2a00:1450:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0C141B31A0 for <acme@ietf.org>; Wed, 13 May 2015 15:59:12 -0700 (PDT)
Received: by wicmc15 with SMTP id mc15so2481398wic.1 for <acme@ietf.org>; Wed, 13 May 2015 15:59:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NvZHP5gOoT3yp4EZYO1xbdDfEI3OWLtaU6OCleweMn0=; b=C93+2eEdpEFvq1i6ZIEBlHwlVJ3BmC2IRt7SWGW4d/amVo3Unu+NiZTC7P8dC/TEoY X2oK8aSkyRabnZP1ySWiOOTJs+/91kNEE+BINU2L5tvjV+nPNwhCB1m2u5s7cs19NFwj MexE2ajHW/0wIkvYqSB+1B2qu2rLZTp2xvOt0FLSvfY0ym2ObOzzy9u2VT5LGOLUGWI1 9j8LGzJfO8PsO8WLfqtYnNpW7FRpLvEu+xuvOYZecoWN6AqZXzXR8tw3Oye6Hggi8as+ vNqtMS+FRO8t72nfzwdEqymCWR+oO/7LW0i5dr1eA4x6lP92Op8UQEXrRdeeSNoD0d9x 5huA==
MIME-Version: 1.0
X-Received: by 10.194.185.107 with SMTP id fb11mr2185218wjc.9.1431557951334; Wed, 13 May 2015 15:59:11 -0700 (PDT)
Received: by 10.194.185.171 with HTTP; Wed, 13 May 2015 15:59:11 -0700 (PDT)
In-Reply-To: <m2617wyu1v.wl%randy@psg.com>
References: <6A9C3116-8CC9-472C-8AA8-F555D060834C@vigilsec.com> <55351EAB.1060905@cs.tcd.ie> <E81896AA-245F-48B7-9B38-86AC30D2F82A@vigilsec.com> <553523E4.2090808@cs.tcd.ie> <84718B26-1DA3-4D46-8B6F-B615806229D7@vigilsec.com> <CABcZeBOy2yBEMGMxcDy=E3fvc+OF1sZfvOV7twJHAvKqtrxtLg@mail.gmail.com> <28919F11-9336-41F6-9922-4E3E2DC4E935@gmail.com> <BD7B96B1-CD50-408F-AA06-49C20AB102A6@vigilsec.com> <CA+9kkMAH+U25ZhLq1HhGFHKMAECu+Y1ZJH-h4bOrEXaUQ15LjQ@mail.gmail.com> <87d225qwbq.fsf@latte.josefsson.org> <B30EDBDF-0803-4AB0-9EBB-DD726F617C5B@vigilsec.com> <2dc5d20a27664efe994398ec508f0e7e@ustx2ex-dag1mb4.msg.corp.akamai.com> <1E6924DE-D59C-4323-9658-766937368B98@vigilsec.com> <7F45C649-4C78-441E-8649-45D0F74168C2@vigilsec.com> <m2617wyu1v.wl%randy@psg.com>
Date: Wed, 13 May 2015 15:59:11 -0700
Message-ID: <CA+9kkMA18=KBtSWnS3murcFT7tfxNAe1Oi2YFNSkhOXTPDAFTw@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
To: Randy Bush <randy@psg.com>
Content-Type: multipart/alternative; boundary="047d7bae465e2a2ea20515fe8f3f"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/CgkTDUvsa0wb3GIGSc8kd9pbVSU>
Cc: IETF ACME <acme@ietf.org>, Russ Housley <housley@vigilsec.com>
Subject: Re: [Acme] Proposed ACME Charter Language
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 May 2015 22:59:14 -0000
On Wed, May 13, 2015 at 3:46 PM, Randy Bush <randy@psg.com> wrote: > > The current charter language about certificate revocation could be > > interpreted as raising the bar too high. I suggest that we can keep > > it simple. > > > > OLD: > > > > ACME certificate management must, in an automated manner, allow a > > party that has previously requested a certificate to subsequently > > request revocation of that certificate. > > > > NEW: > > > > ACME certificate management must, in an automated manner, allow an > > authorized party to request revocation of a certificate. > > /me likes simple, and this revision > > I'm not sure this is actually the same requirement. The initial aim was for ACME to provide something like an "apt-get install" level of simplicity; I read this as something like an "apt-get revoke" equivalent. I think "allow an authorized party to request revocation" may be a larger set than then site admin envisioned in the first--it sort of depends on who the "authorized party" is. How about: "ACME certificate management must provide automated methods for revocation parallel to those use to request a certificate"? These all pretty small tweaks, though. Ted > randy > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme >
- [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Stephen Farrell
- Re: [Acme] Proposed ACME Charter Language Salz, Rich
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Stephen Farrell
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Stephen Farrell
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Stephen Farrell
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Stephen Farrell
- Re: [Acme] Proposed ACME Charter Language hallam
- Re: [Acme] Proposed ACME Charter Language Eric Rescorla
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Songhaibin (A)
- Re: [Acme] Proposed ACME Charter Language Anders Rundgren
- Re: [Acme] Proposed ACME Charter Language Dr. Pala
- Re: [Acme] Proposed ACME Charter Language Ben Laurie
- Re: [Acme] Proposed ACME Charter Language Salz, Rich
- Re: [Acme] Proposed ACME Charter Language Bernd Eckenfels
- [Acme] PKIX "standards" Re: Proposed ACME Charter… Anders Rundgren
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Salz, Rich
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Kathleen Moriarty
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Randy Bush
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Martin Thomson
- Re: [Acme] Proposed ACME Charter Language Salz, Rich
- Re: [Acme] Proposed ACME Charter Language Randy Bush
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Randy Bush
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Martin Thomson
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Peter Eckersley
- Re: [Acme] Proposed ACME Charter Language Phillip Hallam-Baker
- Re: [Acme] Proposed ACME Charter Language Richard Barnes
- Re: [Acme] Proposed ACME Charter Language Joseph Lorenzo Hall
- Re: [Acme] Proposed ACME Charter Language Richard Barnes
- Re: [Acme] Proposed ACME Charter Language Ted Hardie
- Re: [Acme] Proposed ACME Charter Language Russ Housley
- Re: [Acme] Proposed ACME Charter Language Daniel Kahn Gillmor
- Re: [Acme] Proposed ACME Charter Language Paul Winkeler
- Re: [Acme] Proposed ACME Charter Language Joseph Lorenzo Hall
- Re: [Acme] Proposed ACME Charter Language Michael Ströder