Re: [Acme] Remove combinations array

Richard Barnes <rlb@ipv.sx> Wed, 17 August 2016 19:42 UTC

To: Jacob Hoffman-Andrews <jsha@eff.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/cVRP6Mas9_G-mjv9HmxPZkp5Zeo>
Cc: "acme@ietf.org" <acme@ietf.org>

SGTM. I never liked "combinations" much anyway :) I put one editorial
comment in the PR.


On Wed, Aug 17, 2016 at 2:22 PM, Jacob Hoffman-Andrews <jsha@eff.org> wrote:

> https://github.com/ietf-wg-acme/acme/pull/171
>
> This is a fairly complicated part of the protocol, and not used in
> practice. For instance, in Let's Encrypt's implementation, there are
> always three challenges, any one of which may be fulfilled by the client.
>
> After this change, all challenges are considered to be combined with an
> "OR." That is, any challenge within an authorization may be completed to
> make the authorization valid.
>
> Authorizations within the new-application object are considered to be
> combined with an "AND." That is, all of them must become valid before
> the certificate will be issued. The combination of the two means that we
> have similar expressiveness as before, even without the combinations array.
>
> Thoughts?
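
The OR/AND semantics described in the quoted proposal, as an added Python sketch that is not part of the thread or of the ACME draft. The dict layout, the helper names and the sample identifiers are assumptions made for illustration; it also shows a multi-challenge combination re-expressed as two authorizations.

```python
# Added illustration: simplified dicts, not real ACME server objects.

def authz_valid_with_combinations(authz):
    """Old model: valid if every challenge in at least one combination is valid."""
    chals = authz["challenges"]
    return any(
        all(chals[i]["status"] == "valid" for i in combo)
        for combo in authz["combinations"]
    )

def authz_valid_or(authz):
    """Proposed model: challenges are ORed, any one valid challenge suffices."""
    return any(c["status"] == "valid" for c in authz["challenges"])

def may_issue(authorizations, authz_valid=authz_valid_or):
    """Authorizations are ANDed: all must be valid before issuance.
    An empty list is rejected (fail closed); that choice is an assumption."""
    return bool(authorizations) and all(authz_valid(a) for a in authorizations)

def make_authz(identifier, statuses, combinations=None):
    """Constructed sample authorization with one challenge per status.
    Default combinations are singletons, i.e. 'any one challenge'."""
    chals = [{"type": f"chal-{i}", "status": s} for i, s in enumerate(statuses)]
    if combinations is None:
        combinations = [[i] for i in range(len(chals))]
    return {"identifier": identifier, "challenges": chals,
            "combinations": combinations}

def split_combination(authz, combo):
    """Re-express one multi-challenge combination as separate single-challenge
    authorizations, so the AND across authorizations enforces it."""
    return [make_authz(authz["identifier"], [authz["challenges"][i]["status"]])
            for i in combo]

if __name__ == "__main__":
    # Three challenges, any one of which may be fulfilled: both models agree.
    a = make_authz("example.com", ["pending", "valid", "pending"])
    print(authz_valid_with_combinations(a), authz_valid_or(a))
    # Old-style "challenge 0 AND challenge 1": a plain OR would be too lax,
    # splitting into two authorizations keeps the requirement.
    b = make_authz("example.org", ["valid", "pending"], combinations=[[0, 1]])
    print(authz_valid_with_combinations(b), authz_valid_or(b),
          may_issue(split_combination(b, [0, 1])))
```
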