[Acme] Want client-defined callback port

Bruce Gaya <gaya@apple.com> Thu, 16 April 2015 03:04 UTC

Return-Path: <gaya@apple.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A525F1B2D13 for <acme@ietfa.amsl.com>; Wed, 15 Apr 2015 20:04:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.412
X-Spam-Level:
X-Spam-Status: No, score=-2.412 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHXmVuzLNv8x for <acme@ietfa.amsl.com>; Wed, 15 Apr 2015 20:04:30 -0700 (PDT)
Received: from mail-in4.apple.com (mail-out4.apple.com [17.151.62.26]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE5E61B2D26 for <acme@ietf.org>; Wed, 15 Apr 2015 20:04:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1429153470; x=2293067070; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=T7Lnpp9eDBTH8+QtvJZIu691ZQX4h7FZuv2AovNGHJU=; b=CmvjkczcK0TLLQpN9rk/orMV/anIsEevqo5suAWCfT8bQylyrU+80ka3x4MjU0ht hIusi27qJB3va5pKM/p75R+gzyOXGTnnQWvkW6RwIcDJLl4RTR6mdSjA9UfK3bq/ YXKzjQvlbbCM/1TU3jsYcxsx6ZpA2uZf9rgbb1W9GRwCaO9Nkq48wCauC2fGtuDU yaX6Cdb9LEERdUSNEpQRmWPyn4/gbRJ/gSrK/JZCicJyWQRgKGeZdWRewpM1Vmfr Z1bhe4XlKf50hQEoFDrqs3yZ7kayKRDxpym+ePujjvejifdnH06DCMLzJ1AQuFUI 14VyjxEB78WSB5yZ6fQcBg==;
Received: from relay8.apple.com (relay8.apple.com [17.128.113.102]) by mail-in4.apple.com (Apple Secure Mail Relay) with SMTP id 29.F3.18963.EB62F255; Wed, 15 Apr 2015 20:04:30 -0700 (PDT)
X-AuditID: 11973e12-f79456d000004a13-5f-552f26be5dde
Received: from spicerack.apple.com (spicerack.apple.com [17.128.115.40]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by relay8.apple.com (Apple SCV relay) with SMTP id 35.F3.18665.4C62F255; Wed, 15 Apr 2015 20:04:36 -0700 (PDT)
Received: from cc0102b-dhcp72.apple.com ([17.212.159.72]) by spicerack.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTPSA id <0NMV008ANPVH6N60@spicerack.apple.com> for acme@ietf.org; Wed, 15 Apr 2015 20:04:30 -0700 (PDT)
From: Bruce Gaya <gaya@apple.com>
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: quoted-printable
Date: Wed, 15 Apr 2015 20:04:29 -0700
To: acme@ietf.org
Message-id: <352DA5FE-AC6F-49A7-8F9F-70A74889204F@apple.com>
MIME-version: 1.0 (Mac OS X Mail 8.2 \(2098\))
X-Mailer: Apple Mail (2.2098)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupiluLIzCtJLcpLzFFi42IRbChM092nph9qsG+BqMWq54EOjB5Llvxk CmCM4rJJSc3JLEst0rdL4Mo49P4UY8ElloruX+wNjNeYuxg5OSQETCRu33gPZYtJXLi3nq2L kYtDSGAfo8StppNMMEW73i9lB7GFBCYzSXx8UAVRNI1J4ufEdWwgCTYBRYnprS/AGpgFtCTW 7zwOZWtLPHl3gRXEZhFQlZhz+A8LiC0MVPP2xTJGEFtEQFDi7dK3QHM4OHgFbCSuPbYDCfMK 6EnMub4ALCwhICvxdascyFoJgaOsEl9mbGSbwCgwC8m2WUi2zULSvoCReRWjUG5iZo5uZp6J XmJBQU6qXnJ+7iZGUOBNtxPawXhqldUhRgEORiUe3gULdEOFWBPLiitzDzFKc7AoifNOUtUL FRJITyxJzU5NLUgtii8qzUktPsTIxMEp1cCox7Mnn3FZXnYYu/BjW0ezq8svOhxzePLqcshq o+IFLkl9s9sbV8et+82gusHSK/KdUu1007BLMccknq++Ok3xtn+Eyn6HP2/6o9btubzSoGft fOdl+3we6T/3XHh07Wu/TV4uU/R/xddHJT4RW8knkZJ52ZSx413be+kXP21yuMzXPF64/paK EktxRqKhFnNRcSIALzqgMB0CAAA=
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrLJMWRmVeSWpSXmKPExsUi2FCsoXtETT/U4NAdSYtVzwMdGD2WLPnJ FMAYxWWTkpqTWZZapG+XwJVx6P0pxoJLLBXdv9gbGK8xdzFyckgImEjser+UHcIWk7hwbz0b iC0kMJlJ4uODqi5GLiB7GpPEz4nrwBJsAooS01tfMIHYzAJaEut3HoeytSWevLvACmKzCKhK zDn8hwXEFgaqeftiGSOILSIgKPF26VugORwcvAI2Etce24GEeQX0JOZcXwAWlhCQlfi6VW4C I+8sJAtmIVkwC0nHAkbmVYwCRak5iZUWeokFBTmpesn5uZsYwYFSmLaDsWm51SFGAQ5GJR7e BQt0Q4VYE8uKK3MPMUpwMCuJ8Dbv1AsV4k1JrKxKLcqPLyrNSS0+xCjNwaIkzvtOGSglkJ5Y kpqdmlqQWgSTZeLglGpgNFi34m7TD83fP6/tuXyRUf7Rc6XP3mkhT7tOCNklM5pssqxLLpBo Vk8o5z/OlfrS/suZuFtOnvo6GlZxs37nHrGLV+Tf8Lrh3bVPx6Y9PumuEKocICBSH5Bzqylu 9pvr4vYV0pGhkdy3XNQrHipdM9t29Gft2o1ajxpFn8u90T1z8/HXWRVFSizFGYmGWsxFxYkA +DeOyRACAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/LgXR7qVLGgLqvE1Y5wHuOGhzO-g>
Subject: [Acme] Want client-defined callback port
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2015 22:04:35 -0000

Hello Acme  list,

I want to use an ACME client to get a new certificate without taking down my existing web services that are using a port 443 (with a self-signed certificate or a certificate issued by another CA).

I therefore request that the Response payloads for Challenge messages that will later lead to server-to-client callback, such as Simple HTTP and DVSNI, include an optional  port number. The ACME server would then use the optional port when calling back to the client.  If no optional port is specified, the server would use port 443.

Thanks,
Bruce