[Acme] FW: New Version Notification for draft-ietf-acme-star-delegation-02.txt

Yaron Sheffer <yaronf.ietf@gmail.com> Tue, 18 February 2020 12:45 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46370120800 for <acme@ietfa.amsl.com>; Tue, 18 Feb 2020 04:45:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.86
X-Spam-Level:
X-Spam-Status: No, score=-0.86 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MALFORMED_FREEMAIL=1.137, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mRUthwYvIcsp for <acme@ietfa.amsl.com>; Tue, 18 Feb 2020 04:45:47 -0800 (PST)
Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com [IPv6:2a00:1450:4864:20::32a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59EFD1207FE for <acme@ietf.org>; Tue, 18 Feb 2020 04:45:47 -0800 (PST)
Received: by mail-wm1-x32a.google.com with SMTP id a9so2746513wmj.3 for <acme@ietf.org>; Tue, 18 Feb 2020 04:45:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version:content-transfer-encoding; bh=N+7uNATB+C3hpJMnLfJKx+TOaEwcudvZwPfLZezXVKw=; b=KnGUudfDAglQezdlMJWSLPuk+OYubxwoQyXGxlOLSCODVQUM2tuU2gLPIS/Sfk7Itx wQ3OSNdp6K8I0Gm0QCjEWYP28gpDdMTPp5PLvFHA5l6RITWBLx97yScLotPswL9p3Fls J8BKamR1aD99GCHPJyiFXRXVC8S17E41IxWpfNmRNDIWkIs34bSutigW6gyTYjTTwajL ASX8ZSkFKOjKtin86KxiYWegfxDgTHwp16+mrACcc7/W1wCp6leWE9AW+zJK/EAUMLMC njDKjXh4e/xAr+8I8PHEpLAqXZaOyR+y6HpkMZdkcz+9OUtoAooNLKzoXxIEZGMj5Ql7 WRoQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version :content-transfer-encoding; bh=N+7uNATB+C3hpJMnLfJKx+TOaEwcudvZwPfLZezXVKw=; b=bn+/IOCPSEQT4D5kuQWuPj+w3LvvISfL5h8x3c76Bs32byxN8qEUFQRhdPfPw97b3q LvDFcl+e/r5uMj8cxRHvC0kqBtEGIayQVKPx5WPGZ6ataSqbemH87j2CYBgUwynR/O0A bAig7VLZ7WfNHtKbXOOV7/h4/Mo7bg8WPvwMzGah6HLR5e1jEEaPKs6o9cy3O3BeBm3i t/7SOOOJO2qKRBWdxYfg0HPjOLwp9bcfrRw3aWe/rZT3ES5rvuUNDtca2fxqL0Zpfff0 p4RwlQUKgV5Lwv1W1M9LcWqNWFaSD0XSVpyGaYakcLAgEFF017p4B/PvtCjE7kTzeSO8 ZFMw==
X-Gm-Message-State: APjAAAXrSw+zAzHePYhg3np0nUHpDJ6PqwyjJSEMndm0oUzhC1V8Ykgj GOaRd8lx2w0A2txyWrzlwZcrZFLD
X-Google-Smtp-Source: APXvYqwWsXPF+uhZUyGVvANh7rrL350SWoxixSpg65Z8kH5VSyM+U/n4O+JpgPXDFsxgmUlAFpCiBg==
X-Received: by 2002:a05:600c:2207:: with SMTP id z7mr3072756wml.138.1582029944593; Tue, 18 Feb 2020 04:45:44 -0800 (PST)
Received: from [172.28.128.173] (pub-corp-42-8.intuit.com. [91.102.42.8]) by smtp.gmail.com with ESMTPSA id w15sm5994192wrs.80.2020.02.18.04.45.43 for <acme@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Feb 2020 04:45:43 -0800 (PST)
User-Agent: Microsoft-MacOutlook/10.22.0.200209
Date: Tue, 18 Feb 2020 14:45:42 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: "acme@ietf.org" <acme@ietf.org>
Message-ID: <5A8EC9C7-51F8-416E-812C-05C5B58C2C33@gmail.com>
Thread-Topic: New Version Notification for draft-ietf-acme-star-delegation-02.txt
References: <158202961022.14010.10954856682447009119.idtracker@ietfa.amsl.com>
In-Reply-To: <158202961022.14010.10954856682447009119.idtracker@ietfa.amsl.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/MBRfcBHUayE5FYtthggmNpQP3SA>
Subject: [Acme] FW: New Version Notification for draft-ietf-acme-star-delegation-02.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Feb 2020 12:45:50 -0000

Hi,

This version of the draft overhauls the CSR template that defines what parameters the Name Delegation Client is allowed to use in its certificate request.

This is work in progress, and we expect to publish another version before Vancouver.

Thanks,
	Yaron

On 2/18/20, 14:40, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote:

    
    A new version of I-D, draft-ietf-acme-star-delegation-02.txt
    has been successfully submitted by Yaron Sheffer and posted to the
    IETF repository.
    
    Name:		draft-ietf-acme-star-delegation
    Revision:	02
    Title:		An ACME Profile for Generating Delegated STAR Certificates
    Document date:	2020-02-18
    Group:		acme
    Pages:		19
    URL:            https://www.ietf.org/internet-drafts/draft-ietf-acme-star-delegation-02.txt
    Status:         https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/
    Htmlized:       https://tools.ietf.org/html/draft-ietf-acme-star-delegation-02
    Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-delegation
    Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-delegation-02
    
    Abstract:
       This memo proposes a profile of the ACME protocol that allows the
       owner of an identifier (e.g., a domain name) to delegate to a third
       party access to a certificate associated with said identifier.  A
       primary use case is that of a CDN (the third party) terminating TLS
       sessions on behalf of a content provider (the owner of a domain
       name).  The presented mechanism allows the owner of the identifier to
       retain control over the delegation and revoke it at any time by
       cancelling the associated STAR certificate renewal with the ACME CA.
       Another key property of this mechanism is it does not require any
       modification to the deployed TLS ecosystem.
    
                                                                                      
    
    
    Please note that it may take a couple of minutes from the time of submission
    until the htmlized version and diff are available at tools.ietf.org.
    
    The IETF Secretariat