Re: [Acme] Call for adoption STAR (short-term automatically-renewed) certificates

"Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com> Thu, 08 June 2017 20:58 UTC

From: "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
To: Russ Housley <housley@vigilsec.com>, Rich Salz <rsalz@akamai.com>
CC: IETF ACME <acme@ietf.org>, "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
Date: Thu, 08 Jun 2017 20:58:24 +0000
Message-ID: <10401162-CE07-4612-BC02-AC9591F2F8F0@on.nokia.com>
References: <38420507dd4a4d0ab1e82ff5a8c07a00@usma1ex-dag1mb1.msg.corp.akamai.com> <3A8069D0-9194-4773-A991-31DC70891912@vigilsec.com>
In-Reply-To: <3A8069D0-9194-4773-A991-31DC70891912@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/gCT0_43Ad2AeMO5QgcBHYLj22kc>
List-Id: Automated Certificate Management Environment <acme.ietf.org>

Hi Russ,

On 08/06/2017, 20:56, "Acme on behalf of Russ Housley" <acme-bounces@ietf.org on behalf of housley@vigilsec.com> wrote:
> After very quickly looking at the document, I am not clear which
> parts will make up the ACME extensions.  I need more clarity to
> offer an opinion. 

The new scope would be the extension to ACME that allows automatic
renewal of the order, i.e., sections 3.4 and 3.5 of the current draft.

Cheers, t

> Russ
> 
> 
> On Jun 8, 2017, at 12:25 PM, Salz, Rich <rsalz@akamai.com> wrote:
> > 
> > At the June 2 interim, we had consensus to
> > adopt https://datatracker.ietf.org/doc/draft-sheffer-acme-star/ as
> > a WG document, subject to splitting it into two documents, the
> > ACME extension in one, and the delegation protocol in another. 
> > This corresponds to #1 and #2 in the abstract of the draft.
> >  
> > The authors have agreed to do this.  Assuming that the split
> > document is done, are there any objections to adopting *the ACME
> > extensions* as a WG document?  Please respond by the end of next
> > week.  We will have a separate discussion on the other protocol.
> >  
> > --  
> > Senior Architect, Akamai Technologies
> > Member, OpenSSL Dev Team
> > IM: richsalz@jabber.at Twitter: RichSalz