[Acme] Fwd: New Version Notification for draft-ietf-acme-star-03.txt
Yaron Sheffer <yaronf.ietf@gmail.com> Sun, 04 March 2018 05:01 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5644A126579 for <acme@ietfa.amsl.com>; Sat, 3 Mar 2018 21:01:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wedj4PkonEAH for <acme@ietfa.amsl.com>; Sat, 3 Mar 2018 21:01:31 -0800 (PST)
Received: from mail-wr0-x22d.google.com (mail-wr0-x22d.google.com [IPv6:2a00:1450:400c:c0c::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C4E0126BF0 for <acme@ietf.org>; Sat, 3 Mar 2018 21:01:31 -0800 (PST)
Received: by mail-wr0-x22d.google.com with SMTP id m12so13904945wrm.13 for <acme@ietf.org>; Sat, 03 Mar 2018 21:01:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:references:to:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=Lh9IvLWZaue4Jaq3zkcjE465J+WNLAXpZ+QiAm+Itjw=; b=N2Az8HrIiiGXS0pNFJONGIV9GseFlQXHi+H7Ll86+edkNs3i4cMx3RDGI1YWRdAwOX J9tNuJ/aTCtyVfJGnE2l92SFm36Oo59FNiOA7BSnrLI/2teiEKcrflvUmyGCwiQdvUzK zKdE/aQkXeaWcVKfHuhTAVL/pnssabldzOGlEmAkW+aIt5A+J2y5nW94ALB17gq+y6AX 5y/6BV8T5qqS7fszJTFdDTstuA4ZZDulmyCH7I7K+D1S661Zcg4yNpKQaxSVIlssro3E 8Syq45bsTqVeFZDy11e7e532dKaiavZ9C3oLFd9MG7cIxb3kKwEwa+S1BB056eCTybz/ NV4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=Lh9IvLWZaue4Jaq3zkcjE465J+WNLAXpZ+QiAm+Itjw=; b=uNr1Kcv0hFeQxgMt7R7FjCDsXF+KE/ahDL0glt/VPTaHn2v/MfAtfpM5JgzUL/0hqr vj/1VxfmM5uLObzSNaKI8//Rc1iONCg+SWbgl5mD7S3lyA2KbUgDTrlKUJRmsJdA7Z4S ixfDJsMyF3BT7/gdBciGGuv50Uuv5uU9/4uSbI3IhGJOVRD4aXcYAXhnUnjumpHXaOuJ KEj3ErEikwujJPJEfkae8DHSIu68goQx0cjnnyZdpIZya0ZIKJCU2D38qwUc/HI55usE ntmh0WPW1Z2lhkrxtHX6B/TTQ0AihzIRwtpc6P15Uwo7Lrfp6jkTcksSiLVk57CWJx5/ x6VA==
X-Gm-Message-State: APf1xPB0Q+NfT1P8UD4jdBwEvRltpcVJ3ABKZTBisaU2oa9Get5gh4Wn b1hitWDKYQYtdfoTibglP3Q17IX7
X-Google-Smtp-Source: AG47ELuXLy83NX7705OnmczFES66oMO2vHxlTS82Ox8+2V3BN6SttSmcv9LowwfcljOUB5Cl5Xge1Q==
X-Received: by 10.223.186.66 with SMTP id t2mr9897895wrg.155.1520139689360; Sat, 03 Mar 2018 21:01:29 -0800 (PST)
Received: from [192.168.43.74] ([2.53.61.99]) by smtp.gmail.com with ESMTPSA id u127sm6161955wmd.30.2018.03.03.21.01.27 for <acme@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 03 Mar 2018 21:01:28 -0800 (PST)
References: <152010897008.8294.6311968497499525757.idtracker@ietfa.amsl.com>
To: "acme@ietf.org" <acme@ietf.org>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
X-Forwarded-Message-Id: <152010897008.8294.6311968497499525757.idtracker@ietfa.amsl.com>
Message-ID: <179f7d84-40ad-fa1b-4c58-f469baadf440@gmail.com>
Date: Sun, 04 Mar 2018 07:01:25 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <152010897008.8294.6311968497499525757.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/WU-VcKTbXwf-AOeiZfRQBsR1ihc>
Subject: [Acme] Fwd: New Version Notification for draft-ietf-acme-star-03.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Mar 2018 05:01:33 -0000
This new version of the draft adds a discussion of time skew in practice and what it implies for the validity term of short-term certificates, as well as the considerations related to the Certificate Transparency (CT) infrastructure. Thanks, Yaron -------- Forwarded Message -------- Subject: New Version Notification for draft-ietf-acme-star-03.txt Date: Sat, 03 Mar 2018 12:29:30 -0800 From: internet-drafts@ietf.org To: Oscar Gonzalez de Dios <oscar.gonzalezdedios@telefonica.com>, Yaron Sheffer <yaronf.ietf@gmail.com>, Thomas Fossati <thomas.fossati@nokia.com>, Oscar de Dios <oscar.gonzalezdedios@telefonica.com>, Diego Lopez <diego.r.lopez@telefonica.com>, Antonio Agustin Pastor Perales <antonio.pastorperales@telefonica.com>, Antonio Pastor <antonio.pastorperales@telefonica.com> A new version of I-D, draft-ietf-acme-star-03.txt has been successfully submitted by Yaron Sheffer and posted to the IETF repository. Name: draft-ietf-acme-star Revision: 03 Title: Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME) Document date: 2018-03-03 Group: acme Pages: 20 URL: https://www.ietf.org/internet-drafts/draft-ietf-acme-star-03.txt Status: https://datatracker.ietf.org/doc/draft-ietf-acme-star/ Htmlized: https://tools.ietf.org/html/draft-ietf-acme-star-03 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-03 Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-03 Abstract: Public-key certificates need to be revoked when they are compromised, that is, when the associated private key is exposed to an attacker. However the revocation process is often unreliable. An alternative to revocation is issuing a sequence of certificates, each with a short validity period, and terminating this sequence upon compromise. This memo proposes an ACME extension to enable the issuance of short- term and automatically renewed (STAR) certificates. [RFC Editor: please remove before publication] While the draft is being developed, the editor's version can be found at https://github.com/yaronf/I-D/tree/master/STAR. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
- [Acme] Fwd: New Version Notification for draft-ie… Yaron Sheffer