[Acme] Fwd: New Version Notification for draft-sheffer-acme-star-delegation-00.txt

Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 20 October 2018 02:40 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/N0EZ7muTLFYBtFz_xi2FthLDHAw>

This is a complete rewrite of draft-sheffer-acme-star-request, the 
protocol that describes how STAR certificates can be used for 
certificate delegation.

As requested by several WG members, this is now an ACME (-STAR) profile.

Thanks,
	Yaron


-------- Forwarded Message --------
Subject: New Version Notification for draft-sheffer-acme-star-delegation-00.txt
Date: Fri, 19 Oct 2018 19:29:33 -0700
From: internet-drafts@ietf.org
To: Yaron Sheffer <yaronf.ietf@gmail.com>, Thomas Fossati 
<thomas.fossati@nokia.com>, Antonio Agustin Pastor Perales 
<antonio.pastorperales@telefonica.com>, Antonio Pastor 
<antonio.pastorperales@telefonica.com>, Diego Lopez 
<diego.r.lopez@telefonica.com>


A new version of I-D, draft-sheffer-acme-star-delegation-00.txt
has been successfully submitted by Yaron Sheffer and posted to the
IETF repository.

Name:		draft-sheffer-acme-star-delegation
Revision:	00
Title:		An ACME Profile for Generating Delegated STAR Certificates
Document date:	2018-10-19
Group:		Individual Submission
Pages:		12
URL: https://www.ietf.org/internet-drafts/draft-sheffer-acme-star-delegation-00.txt
Status: https://datatracker.ietf.org/doc/draft-sheffer-acme-star-delegation/
Htmlized: https://tools.ietf.org/html/draft-sheffer-acme-star-delegation-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-sheffer-acme-star-delegation


Abstract:
    This memo proposes a profile of the ACME protocol that allows the
    owner of an identifier (e.g., a domain name) to delegate to a third
    party access to a certificate associated with said identifier.  A
    primary use case is that of a CDN (the third party) terminating TLS
    sessions on behalf of a content provider (the owner of a domain
    name).  The presented mechanism allows the owner of the identifier to
    retain control over the delegation and revoke it at any time by
    cancelling the associated STAR certificate renewal with the ACME CA.
    Another key property of this mechanism is it does not require any
    modification to the deployed TLS ecosystem.

 


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat