IETF Logo Mail Archive

Re: [Acme] I-D Action: draft-ietf-acme-star-09.txt

Thomas Fossati <Thomas.Fossati@arm.com> Tue, 17 September 2019 16:20 UTC

Return-Path: <Thomas.Fossati@arm.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C485B12011C for <acme@ietfa.amsl.com>; Tue, 17 Sep 2019 09:20:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=xPnh0QJL; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=armh.onmicrosoft.com header.b=UyDloP3W
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vw1ujTJAUnhT for <acme@ietfa.amsl.com>; Tue, 17 Sep 2019 09:20:18 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80058.outbound.protection.outlook.com [40.107.8.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC4F012088C for <acme@ietf.org>; Tue, 17 Sep 2019 09:12:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PTtxN8hIbt4Y/HlkW5ztEB/pb6ajXi8iTcyl0NFIBlo=; b=xPnh0QJL4zjRegD7Nu/ncd8G/UBR5OgA9EgfRIQWTmKPN0NV1eWkhjds0wcFvySXEls/47A7+Tat+mUUmvT9rfm02Owoih0Cc+RZoF/pJyueLFCXnAmpO68J2otlcP26wGNRiSJokjMcnUUQUwUYYHuvcIhdLmpgMHlZmnVGqkU=
Received: from VI1PR0802CA0025.eurprd08.prod.outlook.com (2603:10a6:800:a9::11) by VI1PR0802MB2463.eurprd08.prod.outlook.com (2603:10a6:800:bb::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.20; Tue, 17 Sep 2019 16:12:55 +0000
Received: from VE1EUR03FT043.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::201) by VI1PR0802CA0025.outlook.office365.com (2603:10a6:800:a9::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.21 via Frontend Transport; Tue, 17 Sep 2019 16:12:55 +0000
Authentication-Results: spf=temperror (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=none action=none header.from=arm.com;
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout)
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT043.mail.protection.outlook.com (10.152.19.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.14 via Frontend Transport; Tue, 17 Sep 2019 16:12:53 +0000
Received: ("Tessian outbound 5061e1b5386c:v31"); Tue, 17 Sep 2019 16:12:53 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: f491013ff1fd34d1
X-CR-MTA-TID: 64aa7808
Received: from da9cdaa0d0da.1 (ip-172-16-0-2.eu-west-1.compute.internal [104.47.0.51]) by 64aa7808-outbound-1.mta.getcheckrecipient.com id 05D61DB0-4583-4256-8361-219FC5103642.1; Tue, 17 Sep 2019 16:12:47 +0000
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp2051.outbound.protection.outlook.com [104.47.0.51]) by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id da9cdaa0d0da.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 17 Sep 2019 16:12:47 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dujdeYYBQT+aatGLy2SZnLMclEKA9BZCdJjRnQOKhie1CUKCQ0z/M+jn9ttNMfLILMZ0MTBzONL+v4EZRtCrRPQX7bGYihlFdboSB1CToBjM52WzUVWuFn+5WrVvLYaQ0P4iTqpAiw988j/YRVEKVdv17qhtpnDy3ECwhveKGYnWsJbdZZXY6snoJ26Fkx4kZCIQx060sVcArDp+hViMBXi0DCmlE/XLCN0a/vgS/IdEDP3+csOaIFYc2YltGX8s9S0QpSgiFZL11QUAphP9Xk2oWS1kl5wqmw4Hf8pYbGnNqtxZM5kODIKM99z0w2LyVuCzBK1Fa43G4iFuWCZMwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bLhujuIi1WMUQ4YMawWPvmlXIYNxerOlFyYrny3FppQ=; b=aHxMStb5eaBz0cB/yxptXkh+0AYU5221BM3SXIToLJ/X5wRa0dQqqhZzXS3KKM75E9o1/unsDDm1nG8A1OizndajL3NLEza30HQAZOg1ToLLv9iVweCYzF4gFzAstt4uQRN2MGBelwskp4bOamDeNkWqSaS3fLMit8+HOOvVrgD5xEXDNRCzVSGeCojDr7ZuZH2PySOY/XgbW++jAP0SB6E83b/sf0uH+4GVi024wkoNTMRcu8CYp53pwdcMv+NrxBAu88MPpJwzJQdVc03U/kawVGEOzJ093a0pTnJ/TT4Rf5AthyLmWgVGkblMynDgFZtgqTJ1ofjQGp0KtLY7qQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bLhujuIi1WMUQ4YMawWPvmlXIYNxerOlFyYrny3FppQ=; b=UyDloP3WQggLK8sf/7a4Tpem+vQ7cTCsPBuc/tqXBuVhJyBUnIAYhQgagF+wBWOW/fBk/Lv9hzVzd8bgeFIP7AWZJEjoYd37ehZd17/Ayy4jNHEEdah3YsrX1SgfyeDF4v/7apI2WCZ1II5Du/pQ4uQZxcnlf66A2UuAAt5tcws=
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com (20.179.18.151) by AM6PR08MB4724.eurprd08.prod.outlook.com (10.255.99.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.17; Tue, 17 Sep 2019 16:12:46 +0000
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::6020:78b2:b6a8:24a2]) by AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::6020:78b2:b6a8:24a2%5]) with mapi id 15.20.2263.023; Tue, 17 Sep 2019 16:12:46 +0000
From: Thomas Fossati <Thomas.Fossati@arm.com>
To: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [Acme] I-D Action: draft-ietf-acme-star-09.txt
Thread-Index: AQHVbWjszTb66UWWSkKHoeeZZCYkt6cwG2yA
Date: Tue, 17 Sep 2019 16:12:46 +0000
Message-ID: <362E97D2-CDFA-48CD-A67E-0E21FEE93596@arm.com>
References: <156873253748.17427.18416832692252873227@ietfa.amsl.com>
In-Reply-To: <156873253748.17427.18416832692252873227@ietfa.amsl.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1d.0.190908
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Thomas.Fossati@arm.com;
x-originating-ip: [217.140.106.49]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 860d9ec5-a615-4520-af28-08d73b89e4ec
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:AM6PR08MB4724;
X-MS-TrafficTypeDiagnostic: AM6PR08MB4724:|VI1PR0802MB2463:
X-MS-Exchange-PUrlCount: 4
X-Microsoft-Antispam-PRVS: <VI1PR0802MB2463CE4E86E820A90DA3A5339C8F0@VI1PR0802MB2463.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
x-ms-oob-tlc-oobclassifiers: OLM:8882;OLM:8882;
x-forefront-prvs: 01630974C0
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(376002)(366004)(396003)(39860400002)(346002)(136003)(54534003)(189003)(199004)(478600001)(5660300002)(8936002)(6116002)(6916009)(33656002)(76176011)(14454004)(81156014)(2906002)(81166006)(2501003)(66446008)(1730700003)(8676002)(25786009)(71190400001)(6506007)(966005)(53546011)(6486002)(66946007)(66476007)(66556008)(64756008)(71200400001)(91956017)(76116006)(186003)(66066001)(2351001)(66574012)(305945005)(7736002)(229853002)(3846002)(6436002)(99286004)(316002)(14444005)(486006)(102836004)(26005)(446003)(36756003)(6306002)(6246003)(86362001)(58126008)(6512007)(5640700003)(2616005)(11346002)(476003)(256004); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR08MB4724; H:AM6PR08MB4231.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: Qqp6oKtiV3C9PZxYjpGlgAkqYKcQMsRAk2mZlUs4Jm4TQ/vrKKiFx8j7QpMyO3NSQwM8cyjWDVT7WxH0s+KkMukDA4o6KF/L2LgBn1t6sG//3keUBz3451Pt8r80v3OBsQWq5L76vv5FeL5Kge3kEVjYnnFsAtVHUbTFV14ez6Yvi391gHmnrdKoyzhIOUn+xAdc9zQUK4+Say7Jjxgu64xqHfauY4Zd/gziF4XcV2W5OPEHpckWCM3y+R9lTxkfF4gubkS6j9ms73a0tXWhed8ruI26kHClJmFaNPPOSeQ0vM4id0WGZbdIcyF/y+RBEcmw8vSt0x/ysg8WQJ4lbpLhXRG+K2jX6dITbQNX46M/oMvEmqjz0XwGOSOmrpakEKA3Vqmp5TjBFGD40u+LF9ge+OvXEcJYVZI7l+sEDHE=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <8AC0D2DE8A5E454192E341801A5952DB@eurprd08.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4724
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Fossati@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT043.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(136003)(376002)(346002)(396003)(39860400002)(54534003)(40434004)(189003)(199004)(102836004)(6916009)(2501003)(6306002)(356004)(81156014)(66066001)(50466002)(70206006)(486006)(2351001)(7736002)(76130400001)(86362001)(126002)(70586007)(478600001)(47776003)(22756006)(25786009)(5660300002)(36756003)(336012)(966005)(316002)(26826003)(8936002)(76176011)(6246003)(1730700003)(6116002)(58126008)(14444005)(5024004)(446003)(305945005)(229853002)(3846002)(8676002)(23676004)(81166006)(6506007)(14454004)(476003)(26005)(436003)(2486003)(2906002)(6486002)(11346002)(36906005)(186003)(5640700003)(66574012)(99286004)(6512007)(2616005)(33656002)(63350400001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0802MB2463; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:TempError; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 47db25e9-3d4c-4eb3-9e51-08d73b89e0cc
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(710020)(711020)(4605104)(1401327)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR0802MB2463;
X-Forefront-PRVS: 01630974C0
X-Microsoft-Antispam-Message-Info: AN/HuDxf3EcJwRkwoS7zK7tkZntJkR7afrK9wUceHhFfxpSSPkAqefYmoH3woMOtrcnrIP6UA7PfT4xbZLUwEPfvQvntGVVqBqtOVKdFAE0m2xgtT9mUkIy/LoUaPWm4POFvu60TCmxW5BuL5GShEbxfq2zaw1o3PcQLJANXfp+PRsEXM8yhCD0Hhdop7ZkahIAzQ5h4YKBl6uqGSa74G/70ZR5dkzobxFF1bFUxPcexOQ3YKvaCuzJ+CaJsXwJrSdyH8dX3fWiJD7priRyEMu9auAHB/OwpqcE5LgEXb4t190VpmBmZ+cQOTRkeGZXajxjxxiVkwOmEanHJCmsgsgoZRt2CADQHDpP1Nut3YYeVYO708wW5OwB63n9Dt0MRcw5tar4WbZBvQZZtdyvugTXLTYXTSyoVCuwVhh6Mh3E=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Sep 2019 16:12:53.2348 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 860d9ec5-a615-4520-af28-08d73b89e4ec
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0802MB2463
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/SqsKA0l7vQsJLUXCpouV62HgOrc>
Subject: Re: [Acme] I-D Action: draft-ietf-acme-star-09.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Sep 2019 16:20:21 -0000

On 17/09/2019, 16:02, "Acme on behalf of internet-drafts@ietf.org" <acme-bounces@ietf.org on behalf of internet-drafts@ietf.org> wrote:
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-acme-star/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-acme-star-09
> https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-09
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-09
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/

This revision addresses Richard's review.

A summary of the changes (cut & paste from the changelog) is as follows:

   o  STAR Order and Directory Meta attributes renamed slightly and
      grouped under two brand new "auto-renewal" objects;
   o  IANA registration updated accordingly (note that two new
      registries have been added as a consequence);
   o  Unbounded pre-dating of certificates removed so that STAR certs
      are never issued with their notBefore in the past;
   o  Changed "recurrent" to "autoRenewal" in error codes;
   o  Changed "recurrent" to "auto-renewal" in reference to Orders;
   o  Added operational considerations for HTTP caches.

Cheers!

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email