Re: [Acme] Reference implementation of draft-misell-acme-onion

"Charles Eckel (eckelcu)" <eckelcu@cisco.com> Sat, 27 May 2023 18:40 UTC

From: "Charles Eckel (eckelcu)" <eckelcu@cisco.com>
To: Q Misell <q=40as207960.net@dmarc.ietf.org>
CC: Seo Suchan <tjtncks@gmail.com>, "acme@ietf.org" <acme@ietf.org>
Date: Sat, 27 May 2023 18:40:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/DSmYIwIJ5RUKhEjghHaM8Fqo1Bk>

Hi Q,

It is great to see that you have a reference implementation for this draft. It would be helpful for you to add a “related-implementations” tag to https://datatracker.ietf.org/doc/draft-misell-acme-onion/ that points to the code in GitHub.

See https://mailarchive.ietf.org/arch/msg/hackathon/qT7hpFelPyk3aS1k9H0QzGAjdp8/ for additional details on this mechanism.

Cheers,
Charles

On Apr 24, 2023, at 8:46 PM, Q Misell <q=40as207960.net@dmarc.ietf.org> wrote:


Hi again Seo,

I've published my fork of Tor with support for publishing CAA records: https://github.com/as207960/tor.
There's also now a hidden service at znkiu4wogurrktkqqid2efdg4nvztm7d2jydqenrzeclfgv3byevnbid.onion with CAA records in its hidden service descriptor.

Thanks,
Q
________________________________

Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574<https://find-and-update.company-information.service.gov.uk/company/12417574>. ICO register №: ZA782876<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.


On Sun, 23 Apr 2023 at 22:12, Q Misell <q@as207960.net> wrote:
Hi Seo,

Thanks for the feedback.

I copy-pasted the list of logs into my code from https://github.com/google/certificate-transparency-community-site/blob/master/docs/google/known-logs.md; it would probably be a good idea to delete the old logs.

The SERVFAIL response is not very clear, agreed. I'll improve my error handling there.

In my testing, adding new records to the first layer descriptor doesn't bother the current Tor project tor implementation (seemingly the only one anyone ever uses).
I'm still working on patching the tor router to add support for defining CAA but I'll definitely put up a few test services with different configurations once that's done.

Thanks,
Q


On Sun, 23 Apr 2023 at 14:27, Seo Suchan <tjtncks@gmail.com> wrote:
Google's Solera 2018~2022 logs no longer accept new records. The Solera CT log
is sharded by the notAfter day of incoming certificates, so the only log able to
be used currently is 2023 (assuming 90-day certificates).

When I ran your client for onion-csr without having a hosted onion hidden
service, the server returned CAA SERVFAIL. I'm not sure this is the right response
for such a (not yet hosted) domain: NXDOMAIN or a dedicated error code looks
better.

Not sure how one can add a format in the first layer like in 5.3 without
breaking old Tor client implementations. Could you make a hidden service
with caa-critical online?

P.S. I didn't notice you already posted v02 of this draft.

On 2023-04-21 at 7:04 AM, Q Misell wrote:
> Hi all,
>
> Thanks for all your feedback over my draft. I've incorporated your
> comments into a new draft, and published this.
>
> I've also finished my reference implementation of the draft, more
> details available at https://acmeforonions.org. I'd be delighted if
> you'd try it out and let me know what you think.
>
> Thanks,
> Q
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
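
An added example, not part of the thread or of Q's reference implementation: selecting which sharded CT logs can accept a certificate by its notAfter, the issue raised above about the Solera 2018~2022 shards. The log names and yearly intervals are constructed sample data; the `temporal_interval` field with `start_inclusive`/`end_exclusive` follows the CT log list JSON schema, and the 90-day lifetime is the assumption stated in the thread.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (not a real log list): yearly shards, each accepting
# certificates whose notAfter falls inside [start_inclusive, end_exclusive).
SAMPLE_LOGS = [
    {"description": f"example-solera{y}",
     "temporal_interval": {"start_inclusive": f"{y}-01-01T00:00:00Z",
                           "end_exclusive": f"{y + 1}-01-01T00:00:00Z"}}
    for y in range(2018, 2025)
] + [{"description": "example-unsharded"}]  # no interval: accepts any notAfter


def _parse(ts):
    # Timestamps in this sample are RFC 3339 UTC strings ending in "Z".
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def usable_logs(logs, not_after):
    """Return descriptions of logs whose shard covers not_after."""
    if not_after.tzinfo is None:
        raise ValueError("not_after must be timezone-aware")
    selected = []
    for log in logs:
        interval = log.get("temporal_interval")
        if interval is None:
            selected.append(log["description"])
            continue
        start = _parse(interval["start_inclusive"])
        end = _parse(interval["end_exclusive"])
        if start <= not_after < end:
            selected.append(log["description"])
    return selected


def logs_for_issuance(logs, issued_at, lifetime=timedelta(days=90)):
    """Logs able to take a certificate issued at issued_at with this lifetime."""
    return usable_logs(logs, issued_at + lifetime)


if __name__ == "__main__":
    print(logs_for_issuance(SAMPLE_LOGS, datetime(2023, 4, 23, 14, 27, tzinfo=timezone.utc)))
    # A certificate issued late in the year lands in the next year's shard.
    print(logs_for_issuance(SAMPLE_LOGS, datetime(2023, 11, 15, tzinfo=timezone.utc)))
```

Filtering on the interval instead of hard-coding a year also covers certificates issued late in a year, whose notAfter falls in the following year's shard.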
