[Acme] Fw: New Version Notification for draft-sipos-acme-dtnnodeid-00.txt

Benjamin Kaduk <kaduk@mit.edu> Fri, 05 June 2020 20:43 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 45F423A0D41 for <acme@ietfa.amsl.com>; Fri, 5 Jun 2020 13:43:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 090BFxQmElJe for <acme@ietfa.amsl.com>; Fri, 5 Jun 2020 13:43:17 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA9EB3A0D3E for <acme@ietf.org>; Fri, 5 Jun 2020 13:43:16 -0700 (PDT)
Received: from mit.edu ([]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 055KhCux014386 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <acme@ietf.org>; Fri, 5 Jun 2020 16:43:15 -0400
Date: Fri, 5 Jun 2020 13:43:12 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: acme@ietf.org
Message-ID: <20200605204312.GM58497@mit.edu>
References: <159138052140.20385.16865293415543489926@ietfa.amsl.com> <CH2PR13MB3575FB5724F1F3E49EB1CD159F860@CH2PR13MB3575.namprd13.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CH2PR13MB3575FB5724F1F3E49EB1CD159F860@CH2PR13MB3575.namprd13.prod.outlook.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/Hhn6BKaE2bxJo-bgEaZzcaDSOxc>
Subject: [Acme] Fw: New Version Notification for draft-sipos-acme-dtnnodeid-00.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jun 2020 20:43:18 -0000

A bit further afield than many of the current use-cases, but perhaps
interesting to think about...


On Fri, Jun 05, 2020 at 08:37:30PM +0000, Brian Sipos wrote:
> All,
> On the AD advice to give more thought to the security aspects of "how does a TCPCL PKIX certificate come to be?" I have drafted a relatively simple spec which uses existing PKI infrastructure to verify ownership of a DTN Node ID and authorize it to be used in a PKIX certificate.
> Any feedback on this mechanism from those with lots of hands-on DTN experience are greatly appreciated! Especially related to routing and BPSEC nuances.
> Thanks,
> Brian S.
> ________________________________________
> From: internet-drafts@ietf.org <internet-drafts@ietf.org>
> Sent: Friday, June 5, 2020 14:08
> To: Brian Sipos; Brian Sipos
> Subject: New Version Notification for draft-sipos-acme-dtnnodeid-00.txt
> A new version of I-D, draft-sipos-acme-dtnnodeid-00.txt
> has been successfully submitted by Brian Sipos and posted to the
> IETF repository.
> Name:           draft-sipos-acme-dtnnodeid
> Revision:       00
> Title:          Automated Certificate Management Environment (ACME) Delay-Tolerant Networking (DTN) Node ID Validation Extension
> Document date:  2020-06-04
> Group:          Individual Submission
> Pages:          14
> URL:            https://www.ietf.org/internet-drafts/draft-sipos-acme-dtnnodeid-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-sipos-acme-dtnnodeid/
> Htmlized:       https://tools.ietf.org/html/draft-sipos-acme-dtnnodeid-00
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-sipos-acme-dtnnodeid
> Abstract:
>    This document specifies an extension to the Automated Certificate
>    Management Environment (ACME) protocol which allows validating the
>    Delay-Tolerant Networking (DTN) Node ID for an ACME client.  The use
>    of a Uniform Resource Identifier (URI) as ACME identifier is also
>    specified.
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> The IETF Secretariat