Re: [Acme] Fwd: New Version Notification for draft-mattsson-acme-use-cases-00.txt

Rob Stradling <rob.stradling@comodo.com> Mon, 09 March 2015 21:38 UTC

To: John Mattsson <john.mattsson@ericsson.com>, "acme@ietf.org" <acme@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/HMLpBvLXhsuvk2UmmilHzFmyvgc>
Cc: Robert Skog <robert.skog@ericsson.com>

John, how would a "newly deployed HTTPS server replacing or 
complementing an existing HTTPS server" obtain a copy of the private key 
that is associated with the "existing certificate" that it desires to 
"import"?

IINM, whilst the current ACME draft handles proving possession of a 
private key, there's no mechanism for backing up a private key to an 
ACME server and/or for transferring a private key from one ACME client 
to another ACME client.
Do you think ACME should provide these facilities?
If not, is there any real gain to adding your proposed "Certificate 
Download" function, given that there would presumably be just as many 
"people flying back and forth just to manually transfer" private keys?

Thanks.

On 09/03/15 20:37, John Mattsson wrote:
> Hi all,
>
> I strongly support the ACME work. Certificate management is something
> that really benefits from standardization and automatization.
>
> We have some additional use cases that we think should be included
> and that clearly fall into the ACME use case "obtaining certificates
> for Web sites".
>
> I wrote a short draft that illustrates the scenarios. Please
> comment. Would be happy to give a short (5min?) presentation at the BoF.
>
> Cheers,
>
> John
>
>> Begin forwarded message:
>>
>> From: <internet-drafts@ietf.org>
>> To: John Mattsson <john.mattsson@ericsson.com>, John Mattsson
>> <john.mattsson@ericsson.com>, Robert Skog <robert.skog@ericsson.com>,
>> "Robert Skog" <robert.skog@ericsson.com>
>> Subject: New Version Notification for
>> draft-mattsson-acme-use-cases-00.txt
>> Date: 9 Mar 2015 20:57:54 CET
>>
>>
>> A new version of I-D, draft-mattsson-acme-use-cases-00.txt
>> has been successfully submitted by John Mattsson and posted to the
>> IETF repository.
>>
>> Name:          draft-mattsson-acme-use-cases
>> Revision:      00
>> Title:         Additional Use Cases for Automatic Certificate Management (ACME)
>> Document date: 2015-03-09
>> Group:         Individual Submission
>> Pages:         6
>> URL:           http://www.ietf.org/internet-drafts/draft-mattsson-acme-use-cases-00.txt
>> Status:        https://datatracker.ietf.org/doc/draft-mattsson-acme-use-cases/
>> Htmlized:      http://tools.ietf.org/html/draft-mattsson-acme-use-cases-00
>>
>>
>> Abstract:
>>   Contacting a CA is just one way in which a newly deployed HTTPS
>>   server can get hold of the certificate to use.  This document
>>   describes additional (and common) use cases that fall into the major
>>   guiding use case for ACME as stated by [I-D.barnes-acme], "obtaining
>>   certificates for Web sites".
>>
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission until the htmlized version and diff are available at
>> tools.ietf.org.
>>
>> The IETF Secretariat
>>

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com
