Re: [Acme] Current Charter language

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 15 May 2015 18:45 UTC

Message-ID: <55563ECE.2020708@cs.tcd.ie>
Date: Fri, 15 May 2015 19:45:34 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Ted Hardie <ted.ietf@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/_L6xzDcuSkR0Q-y4I1wt3RS-ygE>
Cc: "Salz, Rich" <rsalz@akamai.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] Current Charter language


On 15/05/15 19:38, Ted Hardie wrote:
> On Fri, May 15, 2015 at 11:28 AM, Stephen Farrell
> <stephen.farrell@cs.tcd.ie> wrote:
>
>
>
>     On 15/05/15 19:09, Salz, Rich wrote:
>     >> Any other obvious edits needed?
>     >
>     > LGTM
>
>     (no hats)
>
>     Me too. I like it and figure it's good enough.
>
>     The only thing I'd suggest maybe adding is the illustrative goal
>     that an "apt-get install apache" should be able to get the required
>     certificates for a web server automatically, if there is an acme
>     server that is willing to automate that far. And that a subsequent
>     "apt-get upgrade" on that box should ensure that the certificate
>     stuff needed for that apache install gets renewed if necessary.
>
>     I can see that it might be tricky to phrase that in language
>     that works in a charter though, but maybe someone's feeling nicely
>     creative.
>
>
> Well, at the moment we say this:
>
> "All of the processing must be done in a manner that is compatible
> with common service deployment environments, such as hosting
> environments."
>
> Perhaps we can add something just after like this:
>
> "Simplicity in certificate installation and maintenance are
> key design goals.  Enabling this process to be incorporated
> into the standard installation and upgrades of web servers
> via a single command line invocation or flag would be
> especially desirable".
>
> That's less catchy than "apt-get install acme-cert", but it
> may be more charter-y.
>
> Is that worth doing?

I like it anyway. I'm fine if you'd prefer to go ahead without
it though,
S.

> Ted
>
>
>     The reason to want this in (for me) is that I think that example
>     can ground the work and be useful to head off some potential rat
>     holes that might otherwise crop up. And it captures the by far
>     most important requirement for acme to meet which is good to keep
>     in front of us.
>
>     Cheers,
>     S
>
>     >
>     > --
>     > Senior Architect, Akamai Technologies
>     > IM: richsalz@jabber.at Twitter: RichSalz