Re: [Acme] Call for adoption of draft-misell-acme-onion-02

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 04 June 2023 12:07 UTC

Message-ID: <6495f609-b9a3-cb0e-da36-b076277f8bfb@cs.tcd.ie>
Date: Sun, 04 Jun 2023 13:07:14 +0100
To: Deb Cooley <debcooley1@gmail.com>, IETF ACME <acme@ietf.org>
References: <CAGgd1OdHCZg=g+2E56YyMdizNgm0_K+cOtcqJCEJD=NBrAo-6w@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <CAGgd1OdHCZg=g+2E56YyMdizNgm0_K+cOtcqJCEJD=NBrAo-6w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/Cjaw2I9eobmrxJIZXd7OyI-TEOk>

Hiya,

On 04/06/2023 12:06, Deb Cooley wrote:
>   This will be a two week call for adoption ending on 16 June.   Please
> speak up either for or against adopting this draft.

I had a read of the draft. I support adoption.

I'm not sure I understand the security of the challenge
schemes sufficiently from reading the draft, but that's
something that can be addressed as the WG works on it.

To be clear: I'm not asking that the draft fully set out
why these challenge types are (or are not, for dns-01)
secure, but I reckon it's important the WG satisfy itself
about that as the work proceeds, given that there have been
subtle issues with challenges in the past.

There're also some terminology things to get right, e.g.
that .onion is not a TLD but a special-use domain name.
(SUDNs are controversial enough things that it'll be
worth trying to get that text to where it irritates
the smallest number of people possible, even if that'll
never be zero:-)

Cheers,
S.

> 
> Thanks,
> Deb