Re: [Acme] I-D Action: draft-ietf-acme-ari-03.txt

"Salz, Rich" <rsalz@akamai.com> Tue, 27 February 2024 14:34 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Carl Wallace <carl@redhoundsoftware.com>, Aaron Gable <aaron@letsencrypt.org>
CC: "acme@ietf.org" <acme@ietf.org>
Date: Tue, 27 Feb 2024 14:33:55 +0000
Message-ID: <C4A290D5-B287-44EC-A98A-98CCCBB3C9D7@akamai.com>
References: <170742607913.20668.4615074555122263660@ietfa.amsl.com> <D16919B8-E602-4DA0-AF0A-D02EC327F019@redhoundsoftware.com> <CAEmnEreT3MGMr7rEMDJf4D6dMyRt+AU0ySyPtby8b_t9ZheX7g@mail.gmail.com> <C4FC3915-A5C7-47D1-8326-41A3B90B5960@redhoundsoftware.com> <76586E07-08EB-45A8-B462-A91920888DEE@akamai.com>
In-Reply-To: <76586E07-08EB-45A8-B462-A91920888DEE@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/W6fhm2vkFyrGgmjo5Yg-vtg2s70>

And the “(without the tag and length bytes)” should not be in parentheses, as it is not an aside but a key requirement.

From: Acme <acme-bounces@ietf.org> on behalf of "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Date: Tuesday, February 27, 2024 at 9:30 AM
To: Carl Wallace <carl@redhoundsoftware.com>, Aaron Gable <aaron@letsencrypt.org>
Cc: "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] I-D Action: draft-ietf-acme-ari-03.txt

[CW] I meant something like this (which also corrects a typo in the third word): “The unique identifier is constructed by concatenating the base64url-encoding (see Section 5 of [RFC4648]) of the bytes of the keyIdentifier field of the certificate's Authority Key Identifier (AKI) extension (see Section 4.2.1.1 of [RFC5280]), a literal period, and the base64url-encoding of the bytes of the DER encoding of the certificate's Serial Number (without the tag and length bytes).”

Or you could break it into multiple sentences:
The unique identifier is constructed by concatenating the base64url-encoding of the bytes of the keyIdentifier field of the certificate's Authority Key Identifier (AKI) extension, a literal period, and the base64url-encoding of the bytes of the DER encoding of the certificate's Serial Number (without the tag and length bytes). The encoding is defined in Section 5 of [RFC4648] and the AKI extension is defined in Section 4.2.1.1 of [RFC5280].
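Worked example of the construction discussed in this thread (added here for illustration; it is not code from the draft, from any ACME implementation, or from anyone on the list). It takes the DER value of the AKI extension and the DER-encoded serialNumber INTEGER, strips exactly the tag and length bytes, and base64url-encodes the remaining content octets. Two assumptions are made: the base64url encoding drops trailing "=" padding, as ACME does elsewhere, and the AKI input is the contents of the extension's extnValue OCTET STRING (the AuthorityKeyIdentifier SEQUENCE). The sample byte values are constructed for the example. The helper for turning an integer serial into DER content octets is included because many libraries expose the serial only as an integer, and the leading 0x00 that DER adds when the high bit is set is part of the content that must be kept.

```python
import base64


def der_read_tlv(data: bytes, offset: int = 0):
    """Parse one DER element at offset.

    Returns (tag, content_bytes, next_offset). Supports single-byte tags
    and both short-form and long-form definite lengths.
    """
    tag = data[offset]
    offset += 1
    first = data[offset]
    offset += 1
    if first < 0x80:
        length = first                      # short form: length fits in 7 bits
    else:
        n = first & 0x7F                    # long form: next n bytes hold the length
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(data[offset:offset + n], "big")
        offset += n
    content = data[offset:offset + length]
    if len(content) != length:
        raise ValueError("truncated DER element")
    return tag, content, offset + length


def b64url_nopad(raw: bytes) -> str:
    """RFC 4648 Section 5 base64url with trailing '=' removed (ACME style, assumed)."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def aki_key_identifier(aki_ext_value: bytes) -> bytes:
    """Return the keyIdentifier octets from an AuthorityKeyIdentifier SEQUENCE.

    keyIdentifier is [0] IMPLICIT OCTET STRING, i.e. context-specific tag 0x80.
    The optional authorityCertIssuer/SerialNumber fields ([1], [2]) are skipped.
    """
    tag, seq, _ = der_read_tlv(aki_ext_value)
    if tag != 0x30:
        raise ValueError("AKI extension value is not a SEQUENCE")
    off = 0
    while off < len(seq):
        t, content, off = der_read_tlv(seq, off)
        if t == 0x80:
            return content
    raise ValueError("AKI extension has no keyIdentifier")


def serial_content_bytes(serial_der: bytes) -> bytes:
    """Content octets of the serialNumber INTEGER: the DER encoding minus tag and length.

    A leading 0x00 inserted by DER for positive values with the high bit set
    is part of the content and is deliberately not removed.
    """
    tag, content, _ = der_read_tlv(serial_der)
    if tag != 0x02:
        raise ValueError("serialNumber is not an INTEGER")
    return content


def der_integer_content(value: int) -> bytes:
    """Minimal two's-complement big-endian octets of a non-negative INTEGER,
    i.e. what DER puts after the tag and length (adds 0x00 when the top bit is set)."""
    if value < 0:
        raise ValueError("serial numbers are positive")
    return value.to_bytes(value.bit_length() // 8 + 1, "big")


def ari_cert_id(aki_ext_value: bytes, serial_der: bytes) -> str:
    """base64url(keyIdentifier) + '.' + base64url(serial content octets)."""
    return (b64url_nopad(aki_key_identifier(aki_ext_value))
            + "."
            + b64url_nopad(serial_content_bytes(serial_der)))


# Constructed sample input (not from a real certificate):
# AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] OCTET STRING (20 bytes) }
SAMPLE_KEY_ID = bytes.fromhex("69885B6B87464041E1B37B847BA0AE2CDE01C8AA")
SAMPLE_AKI_EXT_VALUE = b"\x30\x16" + b"\x80\x14" + SAMPLE_KEY_ID
# serialNumber INTEGER 0x87654321: DER content is 00 87 65 43 21 (leading zero kept)
SAMPLE_SERIAL_DER = b"\x02\x05" + b"\x00\x87\x65\x43\x21"


if __name__ == "__main__":
    print(ari_cert_id(SAMPLE_AKI_EXT_VALUE, SAMPLE_SERIAL_DER))
```

Note that the identifier for the sample serial begins with "A" in its second half precisely because the 0x00 byte is encoded: a client that converts the serial to a hex string or strips sign bytes before encoding will compute a different identifier and never match the CA's renewalInfo resource.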