Re: [Acme] Removing TLS-SNI-02, plans for continuation of last-call

"Salz, Rich" <rsalz@akamai.com> Fri, 12 January 2018 18:03 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/fb5aAY8EKjn2QPHSVKY6yGZ2MBk>

> In light of these issues and the feasibility of addressing them across the entire Internet it seems prudent that the ACME specification remove this challenge type pending the development of a better alternative (TLS-SNI-03?). I've submitted https://github.com/ietf-wg-acme/acme/pull/390 to make this change.

Does anyone on the WG object to doing this?  Please respond by the end of next week.  Editors, please hold off on merging the PR until we confirm consensus.