Re: [Acme] 2nd working group call for adoption draft-friel-acme-subdomains

Michael Richardson <mcr+ietf@sandelman.ca> Sat, 16 October 2021 19:41 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Seo Suchan <tjtncks@gmail.com>, acme@ietf.org
In-Reply-To: <6e2f1393-0736-3778-7a98-3feab9f7ab28@gmail.com>
References: <35b4f7e6b91a4d8fab408cb53a6381cf@nsa.gov> <6e2f1393-0736-3778-7a98-3feab9f7ab28@gmail.com>
Date: Sat, 16 Oct 2021 15:41:38 -0400
Message-ID: <2621.1634413298@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/SopR8pdbd60HRfJejMAY9m8YOFs>

You don't say if you support adoption or not.
Is this something the WG should work on?  Once adopted, the WG can change it.

Seo Suchan <tjtncks@gmail.com> wrote:
    > I think it'd be better not to limit the challenge type to dns-01, but to allow any
    > challenge type that the CA is allowed to issue a wildcard cert from. There
    > may be another challenge type added (like using rfc8823's mail challenge to the CAA
    > iodef or whois mail?) or the DNS challenge may need to be amended to dns-02 in
    > future.

I think that, should new challenge types come along, those new challenges
will either Update this document, detail some new consideration, or
detail why a subdomain challenge can't apply.

Security reviewers do not like it when the inputs to some protocols can be
anything.  Narrow scopes are easy to widen with later documents.  The
opposite is not the case.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide