[Acme] Fwd: New Version Notification for draft-ietf-acme-star-delegation-01.txt
Yaron Sheffer <yaronf.ietf@gmail.com> Tue, 27 August 2019 06:28 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9492120F9D for <acme@ietfa.amsl.com>; Mon, 26 Aug 2019 23:28:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hKmRMWEIxE_j for <acme@ietfa.amsl.com>; Mon, 26 Aug 2019 23:28:32 -0700 (PDT)
Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 044D3120F10 for <acme@ietf.org>; Mon, 26 Aug 2019 23:28:32 -0700 (PDT)
Received: by mail-io1-xd32.google.com with SMTP id p12so43761320iog.5 for <acme@ietf.org>; Mon, 26 Aug 2019 23:28:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:references:to:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=ArZiRDX2LC2OJwc78dPsKaEnfieWHLZ5MvXfu6Fb/vo=; b=AS62VJjcRTcl2jxca20kkG0Ru7M5GQpbFFSqX9uDgc/BZXk+YQUBjROQn5wuoNQq3q ur5qHl6pfvguu1cOv1fwQbwgEelIq1RMZY6VZnsjWY67Hv2E/Qh9O4af+KNcDOhAEevi PcMKJlb4JGMbBKsA/D6GaveF/p4xIQmMcSoFrnXhePo6xOXMo+XhXDF2bfQFTArOnF7w D1O5QhM6/X5Xm8/AlW0W6XAIcFYBVsPzA0JZHMeqKXDyJZlCUlRIplJe02iudN24+cfT Q6HR0TAB6fJkm0sZgOfEckB9a7sHpPDckK55fB3zzdimV086x8xCcMQwIWEOpJneslCc OxaA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=ArZiRDX2LC2OJwc78dPsKaEnfieWHLZ5MvXfu6Fb/vo=; b=AZaZCH5cNUXZrGVXedeSmpL15wqMh6DAUCApbTSxcznPQ6YM8i7gIjigWWSH5MTnV+ dZacn+g1lkIQ8g9xawnn+jpvMKLV/5m0/MgcMsnIPoVKnfbz+KqLg7zmNASjHQZjZ+XB Mu9m9OkMWl5loZpRF+yivMUve7gV/3hzRmKQHIcTN0XT8Dn3ZmriYb4C+CNx6SnbIF1B hHZEyMIrT6bCpLp7nJOUMancH1IzXnfuLtzKDNkVe6R+cN8m9B0Q8/VL9OfudQX1C1xM ODbqWIq+LI3VTcZlnAwMRmq5j5yGmv/gC+yOjs85ibMNQ9Au2ubOYyb9iECPMAVLPaL4 BkBQ==
X-Gm-Message-State: APjAAAX7p+iMio+Fe3fChyEikZBLJ/iUaSwUNuictTY5SXbuAf2eP4Ap xO1A6tOjTkqoCUi2dvtso8ZEc5OoTWU=
X-Google-Smtp-Source: APXvYqyTohgnODNrYm2g/o6VH9AMfmGMewBG8KZSFWtvg1b29IdVcf9q72DL91XhMgaamLnW287b8Q==
X-Received: by 2002:a5d:93c4:: with SMTP id j4mr19287523ioo.80.1566887311154; Mon, 26 Aug 2019 23:28:31 -0700 (PDT)
Received: from [10.20.8.46] ([209.37.97.194]) by smtp.gmail.com with ESMTPSA id z3sm12943862ioi.54.2019.08.26.23.28.30 for <acme@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 26 Aug 2019 23:28:30 -0700 (PDT)
References: <156688663499.2633.13348873823926960427.idtracker@ietfa.amsl.com>
To: "acme@ietf.org" <acme@ietf.org>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
X-Forwarded-Message-Id: <156688663499.2633.13348873823926960427.idtracker@ietfa.amsl.com>
Message-ID: <0d62ec19-399c-94e7-a44a-098ccf99bc7e@gmail.com>
Date: Mon, 26 Aug 2019 23:28:29 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <156688663499.2633.13348873823926960427.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/UJbYT2eOQveqM3ULhl8VjttkaWw>
Subject: [Acme] Fwd: New Version Notification for draft-ietf-acme-star-delegation-01.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Aug 2019 06:28:34 -0000
The new version contains some significant changes: - Addition of the STIR use case. - Refinement of the CDNI use case. - Addition of the CSR template (partial, more work required). - Further security considerations (work in progress). Thanks, Yaron -------- Forwarded Message -------- Subject: New Version Notification for draft-ietf-acme-star-delegation-01.txt Date: Mon, 26 Aug 2019 23:17:15 -0700 From: internet-drafts@ietf.org To: Yaron Sheffer <yaronf.ietf@gmail.com>, Thomas Fossati <thomas.fossati@nokia.com>, Antonio Agustin Pastor Perales <antonio.pastorperales@telefonica.com>, Antonio Pastor <antonio.pastorperales@telefonica.com>, Diego Lopez <diego.r.lopez@telefonica.com> A new version of I-D, draft-ietf-acme-star-delegation-01.txt has been successfully submitted by Yaron Sheffer and posted to the IETF repository. Name: draft-ietf-acme-star-delegation Revision: 01 Title: An ACME Profile for Generating Delegated STAR Certificates Document date: 2019-08-26 Group: acme Pages: 17 URL: https://www.ietf.org/internet-drafts/draft-ietf-acme-star-delegation-01.txt Status: https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/ Htmlized: https://tools.ietf.org/html/draft-ietf-acme-star-delegation-01 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-delegation Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-delegation-01 Abstract: This memo proposes a profile of the ACME protocol that allows the owner of an identifier (e.g., a domain name) to delegate to a third party access to a certificate associated with said identifier. A primary use case is that of a CDN (the third party) terminating TLS sessions on behalf of a content provider (the owner of a domain name). The presented mechanism allows the owner of the identifier to retain control over the delegation and revoke it at any time by cancelling the associated STAR certificate renewal with the ACME CA. Another key property of this mechanism is it does not require any modification to the deployed TLS ecosystem. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
- [Acme] Fwd: New Version Notification for draft-ie… Yaron Sheffer
- [Acme] FW: Fwd: New Version Notification for draf… Salz, Rich
- Re: [Acme] Fwd: New Version Notification for draf… Ryan Sleevi
- Re: [Acme] Fwd: New Version Notification for draf… Thomas Fossati
- Re: [Acme] Fwd: New Version Notification for draf… Yaron Sheffer
- Re: [Acme] Fwd: New Version Notification for draf… Ryan Sleevi
- Re: [Acme] Fwd: New Version Notification for draf… Yaron Sheffer