[Acme] Re: I-D Action: draft-ietf-acme-device-attest-02.txt
Sven A Rajala <Sven.Rajala@keyfactor.com> Thu, 26 March 2026 22:19 UTC
Return-Path: <Sven.Rajala@keyfactor.com>
X-Original-To: acme@mail2.ietf.org
Delivered-To: acme@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id A05CFD211D3B; Thu, 26 Mar 2026 15:19:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1774563565; bh=n5BsbxpTVAm9IEm6IzwF/2MjOUo/mS2pyMP6VC3vjXA=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=TUgIEs5LpSCPpEN3RkJfFDCCnu65HvhTXbkQ0nM+A8YlSPF2uooNuNR6O5zF4ReMJ rWzMaRDCLfKVTzj9jVygGLZbwieTMWf3rOpPIJfVgNvr1pnM5gbCUfiT7u+zhgkOVE DzdeBn7QCziR/AHp/Op9E1A3fl3rTilGlN2+DyOo=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=keyfactor.com header.b="oyMQj5QL"; dkim=pass (2048-bit key) header.d=keyfactorinc.onmicrosoft.com header.b="0d4rfpNm"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nicq0xHsSnwN; Thu, 26 Mar 2026 15:19:24 -0700 (PDT)
Received: from mx0b-0041f601.pphosted.com (mx0b-0041f601.pphosted.com [148.163.143.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 3A257D211D21; Thu, 26 Mar 2026 15:19:23 -0700 (PDT)
Received: from pps.filterd (m0365590.ppops.net [127.0.0.1]) by mx0b-0041f601.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62QMJG4h451768; Thu, 26 Mar 2026 18:19:16 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=keyfactor.com; h=cc:content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=pps1; bh=chI29wjPCXlahBCFHMhVhqh3rvtNc LYQd9BtwHUeyGw=; b=oyMQj5QLBPX8zWi96ab4VZt2eRyvqqJjnmJ5AfCvQ3o87 jJQAIUcu38UjK4AWmPFx7S52Ysi9wdUOjT75YNUbdL4oNa8eURBLXYzRATT7YZ+Q 9G/96rUkCNANAAtGIEbjA30TCF/h3t9CT8jQYJjw1xf4iFavkwGBdiqQ4dbM28KQ iW+FRrQKTDYdYMJ/A58Zl2cDovNSATvFdgp3h7m8vBathlgey2mqY9jXlK+7MRbc mtOZTIFkwpTgL6RkzY0dobiwp8ZiQisTiO6ItdIkCe6YF0LIVvU55Ke+dZD+zIl/ hf3n1fm7VmNb8m9eFQltFRQUDJeqNd7LRMMTEmJDw==
Received: from sn4pr2101cu001.outbound.protection.outlook.com (mail-southcentralusazon11022083.outbound.protection.outlook.com [40.93.195.83]) by mx0b-0041f601.pphosted.com (PPS) with ESMTPS id 4d2anqmqre-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Thu, 26 Mar 2026 18:19:16 -0400 (EDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=rbmZUV404VSAc/3RdKBth9YNv2WlaYzpAzPtMCYFzuq77Z42gE5Q0Mnrrns42s3fv54knxs2V85S//l885DPqpbj6Ixsl6YhNkxk1ghjiXkWeEd9i038i6CwrwxisP3UId5UlYD4LVnbDoQtszv2HTmIqwUIPMc2QwyO32D7J71Jl7gDcDqA4FKtdsCsxsK2LUvlr0jTxdtHzLIHnZA4XRe0a9zLUhaf96hxN97aWOc1nqbpJ5Az8PohD8ojIJcllvQoXW2D0Zvw/8AZSZeuI/1lEuLNt2TNsqtyIfTFj1+JWXjyPbOBromuyk8m7smrqJjVOPegU05tZQ7x4zZyXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=chI29wjPCXlahBCFHMhVhqh3rvtNcLYQd9BtwHUeyGw=; b=ol7pjgaqQS/BOn9FVQAhTh5DBKilRb5b14KqdqZTC3I2vk6g98qF8WCxCznGNtkqmcvLMQnnmw7WiU7GsWmjutssAjPaiQFPUpXaQZKIJRmsuK6EKnXibJNs9gJ3Y/CGy3VZvSnhviGd/GgaAehxIkU1k97+Dacra56Q5szYIc+726cVDAZnm3JT3kPanZuSt2oAahyf6+ZB1pEvC7schknJreLvtcCylkYvYV/sEtA6Qi/z2/NlG6sAz9mmOX2M45W+jdxP6LbPQ6Z9CR4ttTEurLbtXFnLQwnhqtpSEREe8sa/q25tjKt6klSb6L0DLOQhtxX+KsgvH+va4NKb7A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=keyfactor.com; dmarc=pass action=none header.from=keyfactor.com; dkim=pass header.d=keyfactor.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=KeyfactorInc.onmicrosoft.com; s=selector1-KeyfactorInc-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=chI29wjPCXlahBCFHMhVhqh3rvtNcLYQd9BtwHUeyGw=; b=0d4rfpNm28uTOclaPFmiIoZn98Y2BzHfpVjjU68Hpl04CUE+9debeNGv7O2KzUCyKARIFfj5rQwAXuhslmsXU0GZ427q8/PxsmCvWOOcP44IVnl1II96CJzq0t5Kz3zkrbxzhJ3972QGZbOzJVCB1Hegmgv1RRqisR2XlG3cd1c9FG6AszevesmVv2grdB+2mSlVQ4GEB1GArQBMNoomVOzWpaTrjBVm3oLCFgnRnQ4jBBrKiaHQRNm7W86wfoWL5lxxDtPEIunIsfIPBFjoZmUfkGcALXY0h4hQLl4LXLqxlVEvFQSHwXyNL0P7pZRWQ5G8ML0xkCPGcFldCEX2xg==
Received: from CO6PR22MB2497.namprd22.prod.outlook.com (2603:10b6:303:af::14) by SJ4PPFCF7160717.namprd22.prod.outlook.com (2603:10b6:a0f:fc02::fd0) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9723.25; Thu, 26 Mar 2026 22:19:13 +0000
Received: from CO6PR22MB2497.namprd22.prod.outlook.com ([fe80::3295:ff12:3fbe:ee8e]) by CO6PR22MB2497.namprd22.prod.outlook.com ([fe80::3295:ff12:3fbe:ee8e%2]) with mapi id 15.20.9745.020; Thu, 26 Mar 2026 22:19:12 +0000
From: Sven A Rajala <Sven.Rajala@keyfactor.com>
To: "acme@ietf.org" <acme@ietf.org>, "i-d-announce@ietf.org" <i-d-announce@ietf.org>
Thread-Topic: [Acme] I-D Action: draft-ietf-acme-device-attest-02.txt
Thread-Index: AQHcvW43XmsX5m8/W0iiGzyflG30xrXBYbQp
Date: Thu, 26 Mar 2026 22:19:12 +0000
Message-ID: <CO6PR22MB24973A167FE9178D62718DEEFA56A@CO6PR22MB2497.namprd22.prod.outlook.com>
References: <177456337501.655568.7364721217774667840@dt-datatracker-5775bcb475-pnkww>
In-Reply-To: <177456337501.655568.7364721217774667840@dt-datatracker-5775bcb475-pnkww>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CO6PR22MB2497:EE_|SJ4PPFCF7160717:EE_
x-ms-office365-filtering-correlation-id: f1b796a7-64f9-441d-75a1-08de8b85b5a5
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|4022899009|376014|1800799024|6049299003|38070700021|8096899003|4053099003|56012099003|4013099003|22082099003|18002099003|13003099007;
x-microsoft-antispam-message-info: nGfWxrSA2PQ2pP0dExWZThTEaJ5Mw9zZ9PIYLYrGSfaEbuIRlV4sNd64xxVAd+Vpmpia8EEG2A8Jg6tjTH6zC7IsTztpkOaLFbboJg1JOhiruJIlXeUPWzu7+h0+4IW+Jtxwy2uJZMhiCY9G/gSb853dmvjxLOVqX3TX0fac2U6YrHs4pRBfzlvhtGjYkNm7qquryCg4sdxEasV3oxMZHxUU3wFLS10R7+6T6edj6iRgxHyRXjY7FcW1ZQ9dulza2ygZhl9eSA0Bx5B2zzREOZKG9x8IlHHrRPlhMuszwBpE94GBwxpF3qNDv4cEpk3yZXQaOKwuMRoqRCEI0thNiMHp12GsCuRS9zNtgriHmDo2gq3xQ3yl69LTbF77TzYVmuJ5RqwboTqNTafqessaAIhlNJn6WZ1MEy51h1uUI5EiPDYfGtexEbwFnkME+SoetBqPTHqUrFqP0mjkMyYgfYhmZLAS5pBJmY9nsHLTJD0vDDJEXSIYhLbvssQptTZiTwplONOe5hXC++l8vQUxxDj5JvusNJiFqjzVnU02mHlvdwv2i18LdW6YtxHM43gjxCI8pIa9xmT8cfvo97dL4xGY5fTuNYYcAgfYmzBX3+DRqUTg3JQj0D2u/4SfsHZy+Amq0HP6yur0tiWAzfbQt6t4fvN3JwofFffjaAD6xY8Rqh9bVi3Ze3fbUDXckkwjKnxvXNoUJ4k9Ea+geyzUmE+ZSqCHwb2Q1+URoSFI45cBAjN/ufqWMOLnmz96gREd
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO6PR22MB2497.namprd22.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(4022899009)(376014)(1800799024)(6049299003)(38070700021)(8096899003)(4053099003)(56012099003)(4013099003)(22082099003)(18002099003)(13003099007);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: kDPFK0DVLtFDZMuOtrHcCqTNVH1p7aUNs4D4BFnWMs4w7dlnZ00RmuQ2nkk/EVi1FY+T2nGfq7scmWsCKK2iYi9FNUikosxzI5HLoNegWJS5DOoT4ux5q45sWVcME78cr+AiPj9euzP5vVBpNvZp8Vq9oPr//5TU3get3jitHAExI7L7FMpSR+tqIQwRb/7x/CMNCe4APmaYolY4xdl9k2EIug+R0g0w6S5WXbQI1RoJetswrMkj+h7CddVno6SlAdc/GQpRa5uDK+N7Emz8T1XNL3hdqvXSdJ0h6SFZzeFrzFYIhZpdPbby3YKliqkhyCu2QqZzleAbxpRJZLarYHWjy3IsPM5/hhay3bitTP07khs6txb9x8dgz0KOMX4RoX2QNhchbq3nCS2pSZgErhoCH2HEIMzsv6fkFJMnXXxN/MkZ+H1PSd3un5Znj7EewRxIUz7i9mBSpwhEykpjPcIMR4ge8wO894+WurFGyS2a84LvJ5ViNxZCAFDKQt1u0fTfdR6N5ugf86cOpaY7juHp9PXuIaNq+l2/BD70yRow22OrM/VHPCewYSD0SJHAUZOZDK95B2zcPwMpmdRtfMuC3zgzf48dUh4v+gkXJO9y/bzCPI+6l3sQeE0RThciolrG/37pEhfXDfuMpAPKetlSyPTaW6ugrX3ADtfmRDvM+8QkEhGKLnRbyTEnXpGE9+tCKUPRjZCbXl/OmbFUq8ffaxBc4hUCMVbCwBzjYEFEe64Dp/PHYYb2wdGiwrAOHUU28tfYVj8ScWoOFG/ot4j/YCFT6aT7i8mLtlK38xI5XXtoioMh/pZLtYO+KQVviZ/2iWHqfUiXOynqX1TNnvthYvPL7zFNCel17IBPkbThCnylecdt5ifaPM2QS4uzbCycERLnwxXt6OVJinp3Nc5mWkjyI1m/oVz3NCAnk9oJM5JGnuqsxPPgrOxoeT0TRCGsvzpbomT08NcczIUKDw5GjBBkuCEQyptcK+KAYR9DPau+Bhiv02kYLMHAhekcHvcmbpfemMidwMefQzMt31eEUZMIaypojyFhW7hPgPkhp/5hLCe+eFQOMKNU9xu4sqwaZw2UFF8SNLaHX0rOa0ZWjPcb5VkWAOXfGNfL5thAeuTUFyZO+OtPgHfq2ofIOIESK08ck+RfZvkpoHLEAgqhh4sUmMQlPBxrYR14VogS0+ZLmmbbx7LzpYsT09CNIvKWZYMb7M+J2miO7/nP1fYYCDZrzV2sr5B/Lr8NSR/ZSP+x5/oI9rPFmYMNuJ7y/NPJiX11Lc2jLBV31+cF9Ni7YBYpjdJNALk0A3h2hxKFp3qU6MlIJiXs+OKiqv8n147Sj5pktgGHHViYsYhs1+XL2rEr3vowkWmOO4/yMxgB1edRmVBY9r2aLeZb0YIUWfwvcgT7cbbiQ3PSdANWXPb5wbmRKnmj4GK/fPHznNOj3WHb690rDcSJIWDRhUjE+/i5lVd5BTmN9EOVVT4kyn/oCTHN2SIyUfKgpAoTDqv58nK8L2mQs0/wfg1TkItXtB9AACut9PkeNOcvHVF+mkK6AeYdd/drohXzFBUSoSpEHNOKnpxgCBqCQmqoFLd5hQ7Is6ORTLvldnblyLEAaMyUPCdkkwp/JJ6TCeRSTPS/KPCWZxrdbr/qUw9iZPe+LYczGWBFNFNbudnAquLwDRvrk+aM5RZ6nwTV/VhTSrg1VdcfP5q3Mvo4Zzkjh1ghPis2iL9bu/iZZav8o6PSA/DbKaS6CzJVSzpNkEB/sss=
Content-Type: multipart/related; boundary="_004_CO6PR22MB24973A167FE9178D62718DEEFA56ACO6PR22MB2497namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked: AAKZaUc/6H/7Bqgb6GDuOh8ecmLW3PI+X/zyjHSJ9Y9pgWjEbpKWnxhfBrdNbsm7huKrMRXZ/e8JU8d/B3los8rCclgpkDiEKHUcAg+KixugLgya8QewHuKP/KM6CrxTAembaO4dE7zJiagMOnXubsVyYQicDg2b8C+djngTeB8wt/H+Jkr2cwW4tA4N4+p9ZLeLxFoHBpKGamZzxydN6yQ7UytqHBTJ+cSBRSzz9PdUAAp+IibEI71tFwor6YGmi+quHowuFH35t3GUe59NbIKvIYIXCV/T7Ssr6EO8PZNUNwVf/RuNO8VtQpuDL4YpdVnYHs96xWSuVuDGoeXYeQ==
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: iDoUy1uQztAIqdu0Q79va28ZK23MXwl81Y9RS9kMj4drzi8PZJv6Bpd/fe+nzyb6CwsuTk4d01kO30fO6MNM/b4k1TB7SYexXEGpDAlt0/hs6o56o24fQ+Wvi+TJZGvKDC8jmLgwMZmQ6QPXu6PZnCJb4JwYw8iEsCYbZWcOEo7hUy949iVhmr3wjbsxoRS6yN5KlOBs+peG0itQtKGPfrvn8eh132KEKO9SKGb2UyqUFcFXd1hxuUCjbA8bH6zV8fcKSWEs5oru4L6jpsZ3gDDjCuGEAejXmLnzlusE6y1HPyAWhWlCNfgO3StdggtM0Mwd8P5GAlPaXXoOLRtS5cIw4xA8Sbfcuhi6o7lpdv0eje9+qoQYRsqelcuvlRyP8wFbJutJRuxoel47pR9UZP/a2SaLlfljpiIMWbXwVtlwZmJOQKUi+KZriSrk/Bo++1ClGoYSVKKYrLF0GUxgd6zmFrbEz1kJbbFHyIDbvEyUGPpHzcVhB/7/M0UIY50VR0vCoPsb2paCo3HjUgJzLgbl7HSFp55a7mieGB2vG627JuFNEiuU6gDUmg5g2Jj0hDdSy3f73KYDf8ZYpBEQYV48+CxF3avsAUugRvlBu6V3dIBs0gixlIFKOsMFYs09
X-OriginatorOrg: keyfactor.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO6PR22MB2497.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f1b796a7-64f9-441d-75a1-08de8b85b5a5
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Mar 2026 22:19:12.7047 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c9ed4b45-9f70-418a-aa58-f04c80848ca9
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: O18yimH7Vpb3Sb823jDd/X84oqG8ErPZjes8lAoB1c9nCPqBiFEG92bvbSHmnruU2dMngx4oi1oIl20emnfMqA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ4PPFCF7160717
X-Proofpoint-GUID: q4cYZqp0ARJogKHYP15mun3FBuhqgc8i
X-Proofpoint-ORIG-GUID: q4cYZqp0ARJogKHYP15mun3FBuhqgc8i
X-Authority-Analysis: v=2.4 cv=a8E9NESF c=1 sm=1 tr=0 ts=69c5b0e4 cx=c_pps a=qXrkyhrtrlo5bn8cMY6OCA==:117 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=Yq5XynenixoA:10 a=DmHMpGrDn5QA:10 a=VkNPw1HP01LnGYTKEx00:22 a=-aGRRlewcKq8627C9eKH:22 a=E7qSOVlC_gCfm0QHz4Pr:22 a=D3By3HU7AAAA:8 a=RpNjiQI2AAAA:8 a=48vgC7mUAAAA:8 a=UCHq-ZtYQDQ5lM2W2cAA:9 a=CjuIK1q_8ugA:10 a=tqdMzFhGG8mD8GCBlf4leDhY3gs=:19 a=rrw6vJjIrwnxKIku:21 a=_W_S_7VecoQA:10 a=lqcHg5cX4UMA:10 a=HXjIzolwW10A:10 a=T6a71-JsGAwA:10 a=GbhPPLKizaWC3bbbynJf:22 a=3UwNAMdwCkDNk1h_qmPj:22
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI2MDE1OSBTYWx0ZWRfX+ezESvaIlZJO 5P+peilpkbOdcJ65uRWV0JVIo59DfGKc23gO8yAENvbO3jPA+3oyBoPR6O98yP7iCiY76ce3N9q kV4QuBd2apZshOEBPAT4108syrJFhbrWcCnCho0J9vqJDfs5OF/wKxVS+VUKb+VCU2S2SaH4ruJ JqZQxKCeHivycoqgvZq/sLOMJEHZ5WxU5WROliuQ+igkQHYDv0VP74RRXUB6C1ar9TUVSRBYk5P /5hQKPk/qpW8XiP5OdJkarRG0rlL7RGSSylCDxY14Zm06Yi3qIhU3AkzKxFk0Mru+km9bjr0FgL mZYxyMdZMSfD2gbagmduqxDDzdIJw/kpuawIVB9B5T6KoSDpKF3hUnkM5TLITSxDSrWHNNjP92d JakNTuczh7O4g4UnWQVo5aEeliopUJo7BSYRbgOAOcUoxiF+CEOJZZWVuhDVSScXze0idEPVRYf y0MM/zuZvVhx4RH0yJQ==
X-Proofpoint-Virus-Version:
Message-ID-Hash: UCYNCRNDABXJXG56OGG6IPC6IVU2YUGU
X-Message-ID-Hash: UCYNCRNDABXJXG56OGG6IPC6IVU2YUGU
X-MailFrom: Sven.Rajala@keyfactor.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-acme.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "acme@ietf.org" <acme@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Acme] Re: I-D Action: draft-ietf-acme-device-attest-02.txt
List-Id: Automated Certificate Management Environment <acme.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/JbKFLZj8hqMG5JJyFIHEc2Huk3U>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Owner: <mailto:acme-owner@ietf.org>
List-Post: <mailto:acme@ietf.org>
List-Subscribe: <mailto:acme-join@ietf.org>
List-Unsubscribe: <mailto:acme-leave@ietf.org>
Hej Hej ACME, Richard Barnes pointed out that the previous version of this draft failed to provide a JSON encoding for the two new identifiers: permanentIdentifier and HardwareModuleName for the Order object. While addressing this we uncovered a few related issues. Given the scope of the change, Chairs and AD decided that this needed to go back to WG for another round of review, and do another WGLC. Version -02 makes the following changes: * Adds a JSON representation of the permanentIdentifier and HardwareModuleName identifiers. Since these are both represented in the CSR in structured ASN.1 objects, an ASCII representation was invented, along with a suggested algorithm for comparing them. * Explicitly allows for these identifiers to appear in the CSR but not in the issued certificate. It is completely reasonable that a client is willing to share its device fingerprint with the CA but does not want it published in the certificate, but it needs to be noted explicitly since it is a contradiction of RFC8555. Kindly, Sven Rajala Deputy PKI Officer M: +1 540 687 0761 sven.rajala@keyfactor.com<https://www.keyfactor.com/> From: internet-drafts@ietf.org <internet-drafts@ietf.org> Date: Friday, 2026 March 27 at 07:16 To: i-d-announce@ietf.org <i-d-announce@ietf.org> Cc: acme@ietf.org <acme@ietf.org> Subject: [Acme] I-D Action: draft-ietf-acme-device-attest-02.txt This Message Is From an External Sender This message came from outside your organization. Report Suspicious<https://us-phishalarm-ewt.proofpoint.com/EWT/v1/BjbSd3t9V7AnTp3tuV-82YaK!_0QvQsCqUBRnXA2SsFYwFMaMq3Hw0TfwDL6egjSvBGRRBqHynpo2ayyeZGjbSVib9Vnj54APifpdPBIKdppF_W9LtvnAnP4fiRQvxjxDHPAMcASR9oFbi2hK-q6sStrDFmzqO7A$> Internet-Draft draft-ietf-acme-device-attest-02.txt is now available. It is a work item of the Automated Certificate Management Environment (ACME) WG of the IETF. Title: Automated Certificate Management Environment (ACME) Device Attestation Extension Authors: Brandon Weeks Ganesh Mallaya Sven Rajala Corey Bonnell Name: draft-ietf-acme-device-attest-02.txt Pages: 13 Dates: 2026-03-26 Abstract: This document specifies new identifiers and a challenge for the Automated Certificate Management Environment (ACME) protocol which allows validating the identity of a device using attestation. The IETF datatracker status page for this Internet-Draft is: https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-acme-device-attest/__;!!BjbSd3t9V7AnTp3tuV-82YaK!0H-VC426pbKo4nrZmKuTOWRwRri0KW3g1VKsbmyECeGmHIDn7yRUXfzv84zsUTfjnGa6IjwvGfv4QR9LeU_eqx7Ht9k_-g$ There is also an HTML version available at: https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-ietf-acme-device-attest-02.html__;!!BjbSd3t9V7AnTp3tuV-82YaK!0H-VC426pbKo4nrZmKuTOWRwRri0KW3g1VKsbmyECeGmHIDn7yRUXfzv84zsUTfjnGa6IjwvGfv4QR9LeU_eqx7MiD2qFw$ A diff from the previous version is available at: https://urldefense.com/v3/__https://author-tools.ietf.org/iddiff?url2=draft-ietf-acme-device-attest-02__;!!BjbSd3t9V7AnTp3tuV-82YaK!0H-VC426pbKo4nrZmKuTOWRwRri0KW3g1VKsbmyECeGmHIDn7yRUXfzv84zsUTfjnGa6IjwvGfv4QR9LeU_eqx7FXv7Egw$ Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-leave@ietf.org
- [Acme] I-D Action: draft-ietf-acme-device-attest-… internet-drafts
- [Acme] Re: I-D Action: draft-ietf-acme-device-att… Sven A Rajala
- [Acme] Re: I-D Action: draft-ietf-acme-device-att… Mike Ounsworth