Re: [Acme] New Version Notification for draft-ietf-acme-acme-15.txt
Richard Barnes <rlb@ipv.sx> Tue, 02 October 2018 22:35 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8204F1311AE for <acme@ietfa.amsl.com>; Tue, 2 Oct 2018 15:35:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 79tZY3dmjPm1 for <acme@ietfa.amsl.com>; Tue, 2 Oct 2018 15:35:35 -0700 (PDT)
Received: from mail-oi1-x241.google.com (mail-oi1-x241.google.com [IPv6:2607:f8b0:4864:20::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8D4513119F for <acme@ietf.org>; Tue, 2 Oct 2018 15:35:34 -0700 (PDT)
Received: by mail-oi1-x241.google.com with SMTP id 22-v6so1941578oiz.2 for <acme@ietf.org>; Tue, 02 Oct 2018 15:35:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GWwhPyeLnmEiM3tWoJiLrKc4ZBkHvMqr0WidUL3iA14=; b=w7hHADcmxd9ctuDwX7XBCic8Hp14alCOhoLBRgj8QWE9mwEfh2f7zJm9oAmeOurbDY NgPbBASFk8q6YcB1s03fXBshLdQwgYxER790bZ7rs/CZHGmUodDk+RdKDjw5J6KqwicN Pxjj/GFDy9lDS9zcP2siyfOCZyK+p20/t/SqlmAD1IVVe2jjgfKC19rbIT+6I/q+nSPw HrWqF0QSS5r5PAztBtL326oYZcz7sVI45m+MFyekaZNUWyNoQwdjAJe91nlGPM2UC6yn 3BThqZNP5VpwBgzmjXEa3mKptab1GKNX7rYe0CEgZACRGVE1dm1FKHkeQapTbIQZVaci 0WTQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GWwhPyeLnmEiM3tWoJiLrKc4ZBkHvMqr0WidUL3iA14=; b=k3Mxc1JDNA7VuRa6xLWBpiAWzDO7jkJZ6t0djLB4l2n5h1pVoCE9shXe1TlJOYPXKf n6zDCsRi/O5xodo0sMsV9aK0/VzFE+NoOfTVU9liGo0Mo9Cv6KP1lLD+zroLKpKvRy9P bfwIINzIRVyBgXYmogq7bEGl7fS31BlFpy7qStchqyr2VEs2e6QNqPZEkiSRZVgIx8xY 2S1gr5qq4DQQHGkcSo/0HvNFxEdS6bOygLaTxMlDY0Cw8D/8NmoxH6Z9Or/QNgxW1d1B pKAMd62YXt90uoH7j72f3YxlG1QS81BEp0EDr8UxXtCG7fAAlOmbj+SXl/kOgGVgbAK9 RR1Q==
X-Gm-Message-State: ABuFfoh4bp1aG3A5IydkxDV7Sq5usVCza6vwP3SKLBQHwmG0RDU8fZZe RSCUJYS1w7Vd9f94AhRZ1YtbnJV6hUeGREF82CS3TA==
X-Google-Smtp-Source: ACcGV62kqi+GSuYK49hd91xe7N3GCcbc+OCuIdnoqvW34cWH5yxDS5xe4/sQS2AgEQa/Ckoouk1t2IIemOTraD4JOtg=
X-Received: by 2002:aca:3195:: with SMTP id x143-v6mr8976488oix.213.1538519733190; Tue, 02 Oct 2018 15:35:33 -0700 (PDT)
MIME-Version: 1.0
References: <153790863049.4815.11688164683006914130.idtracker@ietfa.amsl.com> <CAL02cgSjdpjt6=D0ceVZZMutpw47PMadow2SnWSTMoL6P0TXDA@mail.gmail.com> <CAL02cgQxgqHgO-Q2fBvvfUguVdUByiSFq39cM+0JXPjGtG+XwA@mail.gmail.com> <2cd1ed57-4885-7d2d-911a-badfe6b9351e@nostrum.com>
In-Reply-To: <2cd1ed57-4885-7d2d-911a-badfe6b9351e@nostrum.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Wed, 03 Oct 2018 00:35:15 +0200
Message-ID: <CAL02cgTDtPX4aei2Wgq+Cjz4fi-xgaRN5Vt=2xu2J1ybB5R60A@mail.gmail.com>
To: Adam Roach <adam@nostrum.com>
Cc: IETF ACME <acme@ietf.org>, James Kasten <jdkasten@umich.edu>, Daniel McCarney <cpu@letsencrypt.org>, Jacob Hoffman-Andrews <jsha@eff.org>
Content-Type: multipart/alternative; boundary="0000000000002d56140577468ae2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/LvSaEG33BUwPm_3Mwt12DyjugIc>
Subject: Re: [Acme] New Version Notification for draft-ietf-acme-acme-15.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 22:35:40 -0000
Adam: Thanks for the ... detailed response :) Looking through these examples, it looks like the unique problematic URLs are the following: https://example.com/acme/acct/1 https://example.com/acme/acct/1/orders https://example.com/acme/acct/1/order/1 https://example.com/acme/acct/1/order/1/finalize https://example.com/acme/acct/1/order/2 https://example.com/acme/acct/1/order/50 https://example.com/acme/authz/0 https://example.com/acme/authz/1234 https://example.com/acme/authz/1234/0 https://example.com/acme/authz/1234/2 https://example.com/acme/authz/2345 https://example.com/acme/cert/1234 https://example.com/acme/order/asdf/finalize I've changed these to the following partly-randomized URLs, under the theory that (1) independent, flat namespaces are good, (2) discovering order-list and finalization URLs isn't a big deal, and (3) 64 bits should be enough for anyone. https://example.com/acme/acct/evOfKhNU60w https://example.com/acme/acct/evOfKhNU60wg/orders https://example.com/acme/order/TOlocE8rfgo https://example.com/acme/order/TOlocE8rfgo/finalize https://example.com/acme/order/4E16bbL5iSw https://example.com/acme/order/neBHYLfw0mg https://example.com/acme/authz/PAniVnsZcis https://example.com/acme/authz/PAniVnsZcis https://example.com/acme/chall/prV_B7yEyA4 https://example.com/acme/chall/Rg5dV14Gh1Q https://example.com/acme/authz/r4HqLzrSrpI https://example.com/acme/cert/mAt3xBGaobw https://example.com/acme/order/TOlocE8rfgo/finalize Pull request here: https://github.com/ietf-wg-acme/acme/pull/455 Let's get some thorough review on that PR, though, to make sure I haven't introduced any accidental inconsistencies. --Richard On Tue, Sep 25, 2018 at 11:35 PM Adam Roach <adam@nostrum.com> wrote: > The new text looks great. Thanks for the work that everyone has done to > address the privacy concerns I highlighted. > > I do worry that implementors are likely to overlook the new text when the > examples so clearly do not follow the recommendations in section 10.5. > Please note that this was explicitly point (3) of my DISCUSS. For avoidance > of doubt, I'll highlight the minimal set of examples that need to be > updated. It would be ideal if the other examples that use constructs like > "1234" and "4321" were similarly updated, but they are less likely to lead > to the confusion that will be caused by the ones I cite below, which use > single digits where section 10.5 calls for "large unpredictable components". > > One minor nit (since you're going to need a new draft): > s/concatinates/concatenates/ > > Problem 1: > > { > "status": "valid", > "contact": [ > "mailto:cert-admin@example.com" <cert-admin@example.com>, > "mailto:admin@example.com" <admin@example.com> > ], > "termsOfServiceAgreed": true, > "orders": "https://example.com/acme/acct/1/orders" <https://example.com/acme/acct/1/orders> > } > > > Problem 2: > > { > "orders": [ > "https://example.com/acme/acct/1/order/1" <https://example.com/acme/acct/1/order/1>, > "https://example.com/acme/acct/1/order/2" <https://example.com/acme/acct/1/order/2>, > /* 47 more URLs not shown for example brevity */ > "https://example.com/acme/acct/1/order/50" <https://example.com/acme/acct/1/order/50> > ] > } > > > Problem 3: > > { > "status": "valid", > "expires": "2015-03-01T14:09:07.99Z", > > "identifiers": [ > { "type": "dns", "value": "example.com" }, > { "type": "dns", "value": "www.example.com" } > ], > > "notBefore": "2016-01-01T00:00:00Z", > "notAfter": "2016-01-08T00:00:00Z", > > "authorizations": [ > "https://example.com/acme/authz/1234" <https://example.com/acme/authz/1234>, > "https://example.com/acme/authz/2345" <https://example.com/acme/authz/2345> > ], > > "finalize": "https://example.com/acme/acct/1/order/1/finalize" <https://example.com/acme/acct/1/order/1/finalize>, > > "certificate": "https://example.com/acme/cert/1234" <https://example.com/acme/cert/1234> > } > > (at least the "finalize" URLs, and arguable the "certificate" and > "authorizations" URLs) > > > Problem 4: > > HTTP/1.1 201 Created > Content-Type: application/json > Replay-Nonce: D8s4D2mLs8Vn-goWuPQeKA > Location: https://example.com/acme/acct/1 > Link: <https://example.com/acme/some-directory> <https://example.com/acme/some-directory>;rel="index" > > { > "status": "valid", > > "contact": [ > "mailto:cert-admin@example.com" <cert-admin@example.com>, > "mailto:admin@example.com" <admin@example.com> > ], > > "orders": "https://example.com/acme/acct/1/orders" <https://example.com/acme/acct/1/orders> > } > > (Both the Link header field and the "orders" URL) > > Problem 5: > > POST /acme/acct/1 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "ax5RnthDqp_Yf4_HZnFLmA", > "url": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1> > }), > "payload": base64url({ > "contact": [ > "mailto:certificates@example.com" <certificates@example.com>, > "mailto:admin@example.com" <admin@example.com> > ] > }), > "signature": "hDXzvcj8T6fbFbmn...rDzXzzvzpRy64N0o" > } > > (The Request-URI and both URLs in the body) > > > Problem 6: > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "S9XaOcxP5McpnTcWPIhYuB", > "url": "https://example.com/acme/key-change" <https://example.com/acme/key-change> > }), > "payload": base64url({ > "protected": base64url({ > "alg": "ES256", > "jwk": /* new key */, > "url": "https://example.com/acme/key-change" <https://example.com/acme/key-change> > }), > "payload": base64url({ > "account": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "oldKey": /* old key */ > }), > "signature": "Xe8B94RD30Azj2ea...8BmZIRtcSKPSd8gU" > }), > "signature": "5TWiqIYQfIDfALQv...x9C2mg8JGPxl5bI4" > } > > > Problem 7: > > POST /acme/acct/1 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "ntuJWWSic4WVNSqeUmshgg", > "url": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1> > }), > "payload": base64url({ > "status": "deactivated" > }), > "signature": "earzVLd3m5M4xJzR...bVTqn7R08AKOVf3Y" > } > > > Problem 8: > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "5XJ1L3lEkMG7tR6pA00clA", > "url": "https://example.com/acme/new-order" <https://example.com/acme/new-order> > }), > "payload": base64url({ > "identifiers": [ > { "type": "dns", "value": "example.com" } > ], > "notBefore": "2016-01-01T00:04:00+04:00", > "notAfter": "2016-01-08T00:04:00+04:00" > }), > "signature": "H6ZXtGjTZyUnPeKn...wEA4TklBdh3e454g" > } > > > Problem 9: > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "MSF2j2nawWHPxxkE3ZJtKQ", > "url": "https://example.com/acme/order/asdf/finalize" <https://example.com/acme/order/asdf/finalize> > }), > "payload": base64url({ > "csr": "MIIBPTCBxAIBADBFMQ...FS6aKdZeGsysoCo4H9P", > }), > "signature": "uOrUfIIk5RyQ...nw62Ay1cl6AB" > } > > > > Problem 10: > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "uQpSjlRb4vQVCjVYAyyUWg", > "url": "https://example.com/acme/new-authz" <https://example.com/acme/new-authz> > }), > "payload": base64url({ > "identifier": { > "type": "dns", > "value": "example.net" > } > }), > "signature": "nuSDISbWG8mMgE7H...QyVUL68yzf3Zawps" > } > > > Problem 11: > > POST /acme/authz/1234 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > Accept: application/pkix-cert > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "uQpSjlRb4vQVCjVYAyyUWg", > "url": "https://example.com/acme/authz/1234" <https://example.com/acme/authz/1234>, > }), > "payload": "", > "signature": "nuSDISbWG8mMgE7H...QyVUL68yzf3Zawps" > } > > HTTP/1.1 200 OK > Content-Type: application/json > Link: <https://example.com/acme/some-directory> <https://example.com/acme/some-directory>;rel="index" > > { > "status": "pending", > "expires": "2018-03-03T14:09:30Z", > > "identifier": { > "type": "dns", > "value": "example.org" > }, > > "challenges": [ > { > "type": "http-01", > "url": "https://example.com/acme/authz/1234/0" <https://example.com/acme/authz/1234/0>, > "token": "DGyRejmCefe7v4NfDGDKfA" > }, > { > "type": "dns-01", > "url": "https://example.com/acme/authz/1234/2" <https://example.com/acme/authz/1234/2>, > "token": "DGyRejmCefe7v4NfDGDKfA" > } > ], > > "wildcard": false > } > > > Problem 12: > > POST /acme/authz/1234/0 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "Q_s3MWoqT05TrdkM2MTDcw", > "url": "https://example.com/acme/authz/1234/0" <https://example.com/acme/authz/1234/0> > }), > "payload": base64url({}), > "signature": "9cbg5JO1Gf5YLjjz...SpkUfcdPai9uVYYQ" > } > > > Problem 13: > > POST /acme/authz/1234 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > Accept: application/pkix-cert > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "uQpSjlRb4vQVCjVYAyyUWg", > "url": "https://example.com/acme/authz/1234" <https://example.com/acme/authz/1234>, > }), > "payload": "", > "signature": "nuSDISbWG8mMgE7H...QyVUL68yzf3Zawps" > } > > HTTP/1.1 200 OK > Content-Type: application/json > > { > "status": "valid", > "expires": "2018-09-09T14:09:01.13Z", > > "identifier": { > "type": "dns", > "value": "example.org" > }, > > "challenges": [ > { > "type": "http-01", > "url": "https://example.com/acme/authz/1234/0" <https://example.com/acme/authz/1234/0>, > "status": "valid", > "validated": "2014-12-01T12:05:13.72Z", > "token": "IlirfxKKXAsHtmzK29Pj8A" > } > ], > > "wildcard": false > } > > > Problem 14: > > POST /acme/authz/1234 HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "xWCM9lGbIyCgue8di6ueWQ", > "url": "https://example.com/acme/authz/1234" <https://example.com/acme/authz/1234> > }), > "payload": base64url({ > "status": "deactivated" > }), > "signature": "srX9Ji7Le9bjszhu...WTFdtujObzMtZcx4" > } > > > Problem 15: > > POST /acme/revoke-cert HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "JHb54aT_KTXBWQOzGYkt9A", > "url": "https://example.com/acme/revoke-cert" <https://example.com/acme/revoke-cert> > }), > "payload": base64url({ > "certificate": "MIIEDTCCAvegAwIBAgIRAP8...", > "reason": 4 > }), > "signature": "Q1bURgJoEslbD1c5...3pYdSMLio57mQNN4" > } > > > Problem 16: > > POST /acme/revoke-cert HTTP/1.1 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "RS256", > "jwk": /* certificate's public key */, > "nonce": "JHb54aT_KTXBWQOzGYkt9A", > "url": "https://example.com/acme/revoke-cert" <https://example.com/acme/revoke-cert> > }), > "payload": base64url({ > "certificate": "MIIEDTCCAvegAwIBAgIRAP8...", > "reason": 1 > }), > "signature": "Q1bURgJoEslbD1c5...3pYdSMLio57mQNN4" > } > > > Problem 17: > > { > "type": "http-01", > "url": "https://example.com/acme/authz/0" <https://example.com/acme/authz/0>, > "status": "pending", > "token": "LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowyjxAjEuX0" > } > > > Problem 18: > > POST /acme/authz/1234/0 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "UQI1PoRi5OuXzxuX7V7wL0", > "url": "https://example.com/acme/authz/1234/0" <https://example.com/acme/authz/1234/0> > }), > "payload": base64url({}), > "signature": "Q1bURgJoEslbD1c5...3pYdSMLio57mQNN4" > } > > > > Problem 19: > > POST /acme/authz/1234/2 > Host: example.com > Content-Type: application/jose+json > > { > "protected": base64url({ > "alg": "ES256", > "kid": "https://example.com/acme/acct/1" <https://example.com/acme/acct/1>, > "nonce": "SS2sSl1PtspvFZ08kNtzKd", > "url": "https://example.com/acme/authz/1234/2" <https://example.com/acme/authz/1234/2> > }), > "payload": base64url({}), > "signature": "Q1bURgJoEslbD1c5...3pYdSMLio57mQNN4" > } > > > /a > > > > On 9/25/18 4:02 PM, Richard Barnes wrote: > > This version incorporates the feedback from the IESG, most notably moving > from to GET to POST-as-GET. > > Chairs / ADs - Where to from here? > > On Tue, Sep 25, 2018 at 11:02 PM Richard Barnes <rlb@ipv.sx> <rlb@ipv.sx> > wrote: > >> This version incorporates the feedback from the IESG, most notably moving >> from to GET to POST-as-GET. >> >> Chairs / ADs - Where to from here? >> >> On Tue, Sep 25, 2018 at 10:50 PM <internet-drafts@ietf.org> wrote: >> >>> >>> A new version of I-D, draft-ietf-acme-acme-15.txt >>> has been successfully submitted by Richard Barnes and posted to the >>> IETF repository. >>> >>> Name: draft-ietf-acme-acme >>> Revision: 15 >>> Title: Automatic Certificate Management Environment (ACME) >>> Document date: 2018-09-25 >>> Group: acme >>> Pages: 89 >>> URL: >>> https://www.ietf.org/internet-drafts/draft-ietf-acme-acme-15.txt >>> Status: https://datatracker.ietf.org/doc/draft-ietf-acme-acme/ >>> Htmlized: https://tools..ietf.org/html/draft-ietf-acme-acme-15 >>> <https://tools.ietf.org/html/draft-ietf-acme-acme-15> >>> Htmlized: >>> https://datatracker.ietf.org/doc/html/draft-ietf-acme-acme >>> Diff: >>> https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-acme-15 >>> >>> Abstract: >>> Public Key Infrastructure X.509 (PKIX) certificates are used for a >>> number of purposes, the most significant of which is the >>> authentication of domain names. Thus, certification authorities >>> (CAs) in the Web PKI are trusted to verify that an applicant for a >>> certificate legitimately represents the domain name(s) in the >>> certificate. Today, this verification is done through a collection >>> of ad hoc mechanisms. This document describes a protocol that a CA >>> and an applicant can use to automate the process of verification and >>> certificate issuance. The protocol also provides facilities for >>> other certificate management functions, such as certificate >>> revocation. >>> >>> RFC EDITOR: PLEASE REMOVE THE FOLLOWING PARAGRAPH: The source for >>> this draft is maintained in GitHub. Suggested changes should be >>> submitted as pull requests at https://github.com/ietf-wg-acme/acme >>> [1]. Instructions are on that page as well. Editorial changes can >>> be managed in GitHub, but any substantive change should be discussed >>> on the ACME mailing list (acme@ietf.org). >>> >>> >>> >>> >>> Please note that it may take a couple of minutes from the time of >>> submission >>> until the htmlized version and diff are available at tools.ietf.org. >>> >>> The IETF Secretariat >>> >>> > _______________________________________________ > Acme mailing listAcme@ietf.orghttps://www.ietf.org/mailman/listinfo/acme > > >
- Re: [Acme] New Version Notification for draft-iet… Richard Barnes
- Re: [Acme] New Version Notification for draft-iet… Salz, Rich
- Re: [Acme] New Version Notification for draft-iet… Adam Roach
- Re: [Acme] New Version Notification for draft-iet… Richard Barnes