[Acme] I-D Action: draft-ietf-acme-star-delegation-07.txt
internet-drafts@ietf.org Fri, 26 March 2021 11:26 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: acme@ietf.org
Delivered-To: acme@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id F13B53A1BEA; Fri, 26 Mar 2021 04:26:29 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: acme@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.27.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: acme@ietf.org
Message-ID: <161675798992.30168.11403148017644124473@ietfa.amsl.com>
Date: Fri, 26 Mar 2021 04:26:29 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/fWlWT-Lv65Zw_sN2Lb7TN1uuQCk>
Subject: [Acme] I-D Action: draft-ietf-acme-star-delegation-07.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 11:26:30 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment WG of the IETF. Title : An ACME Profile for Generating Delegated Certificates Authors : Yaron Sheffer Diego López Antonio Agustín Pastor Perales Thomas Fossati Filename : draft-ietf-acme-star-delegation-07.txt Pages : 44 Date : 2021-03-26 Abstract: This memo defines a profile of the Automatic Certificate Management Environment (ACME) protocol by which the owner of an identifier (e.g., a domain name) can allow a third party to obtain an X.509 certificate such that the certificate subject is the delegated identifier while the certified public key corresponds to a private key controlled by the third party. A primary use case is that of a Content Delivery Network (CDN, the third party) terminating TLS sessions on behalf of a content provider (the owner of a domain name). The presented mechanism allows the owner of the identifier to retain control over the delegation and revoke it at any time. A key property of this mechanism is it does not require any modification to the deployed TLS ecosystem. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-acme-star-delegation-07.html A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-delegation-07 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/
- [Acme] I-D Action: draft-ietf-acme-star-delegatio… internet-drafts