Re: [Acme] Call for adoption of draft-misell-acme-onion-02

Deb Cooley <debcooley1@gmail.com> Thu, 22 June 2023 09:53 UTC

References: <CAGgd1OdHCZg=g+2E56YyMdizNgm0_K+cOtcqJCEJD=NBrAo-6w@mail.gmail.com> <CAEmnErfGf_wNcCYjG6ctYy0N5-LFZdJ_1bHNzwrdvL8_9rYjcw@mail.gmail.com> <4916e0e2-ec04-8172-e84d-145543c3e34c@gmail.com>
In-Reply-To: <4916e0e2-ec04-8172-e84d-145543c3e34c@gmail.com>
From: Deb Cooley <debcooley1@gmail.com>
Date: Thu, 22 Jun 2023 05:53:20 -0400
Message-ID: <CAGgd1Oc87aT=bVwbZEvoNazDfmsNYQbuuAkpCttkuraQrEL4Lw@mail.gmail.com>
To: acme@ietf.org, Q Misell <q@as207960.net>
Cc: acme-chairs@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/h61EvyQjFER9geA5adKa8u9T-x8>
Subject: Re: [Acme] Call for adoption of draft-misell-acme-onion-02

There is sufficient interest to adopt this draft.

Thank you,
Deb

On Fri, Jun 9, 2023 at 5:06 PM Seo Suchan <tjtncks@gmail.com> wrote:

> For the CAA mechanism for Tor, I don't think the ACME working group is the right
> place to talk about it: as it affects non-ACME CAs that sign certificates
> for onion, shouldn't it be handled as a LAMPS subject (as that is
> where the CAA RFC was discussed)?
> On 2023-06-10 at 1:55 AM, Aaron Gable wrote:
>
> Hi all,
>
> I support the draft for adoption. Specifically, I think it's a good thing
> to standardize the onion-csr-01 challenge type. I have two classes of
> comments that I look forward to discussing in depth after adoption:
>
> 1) Obviously it's valuable for this draft to standardize a method that is
> already accepted by the CA/BF. But in the long term there's no need to use
> a CSR as the transport mechanism for a random token, a public key, and a
> signature -- moving away from X.509 for this would be nice in the long term.
> Probably out-of-scope for this document, but worth discussing.
>
> 2) The primary benefit of the onion-csr-01 method is that it allows the CA
> to perform domain control validation without operating a Tor client.
> However, this benefit is obviated entirely by the need to operate a Tor
> client to check for CAA in the hidden service descriptor. It seems likely
> that there are CAs which have avoided implementing HTTP-01 and TLS-ALPN-01
> for .onion due to the need to operate a Tor client; these same CAs may have
> been willing to implement ONION-CSR-01, but now will not due to the CAA
> mechanism.
>
> Thanks,
> Aaron
>
> On Sun, Jun 4, 2023 at 4:07 AM Deb Cooley <debcooley1@gmail.com> wrote:
>
>> This will be a two week call for adoption ending on 16 June. Please
>> speak up either for or against adopting this draft.
>>
>> Thanks,
>> Deb
>> _______________________________________________
>> Acme mailing list
>> Acme@ietf.org
>> https://www.ietf.org/mailman/listinfo/acme
>>
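Added example, not part of this thread, the draft, or the CA/Browser Forum's code: it illustrates the two points in Aaron's quoted message above, namely why an onion-csr-01-style check needs no Tor client (a v3 .onion name is a base32 encoding of the service's Ed25519 public key, so a signature over a CA nonce and an applicant nonce made with that key proves control of the name) and why the CSR is only a container for a token, a key and a signature. Assumptions: the nonces, key and signature travel in a plain dict rather than a CSR, the signed byte layout and the 32-byte nonce length are invented for this example, and the CAA lookup in the hidden service descriptor (the part that does need a Tor client) is not modelled. The address derivation follows the Tor rend-spec-v3 formula; the `cryptography` package is required.

```python
# Added example: control-proof idea behind an onion-csr-01-style validation.
# Not the draft's or the CA/Browser Forum's code. Constructed choices:
# plain dict instead of a CSR, invented signed-message layout, 32-byte nonces.
import base64
import hashlib
import hmac
import os

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric import ed25519
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

ONION_VERSION = b"\x03"
NONCE_LEN = 32  # example choice, not a value from the draft


def generate_service_key() -> ed25519.Ed25519PrivateKey:
    return ed25519.Ed25519PrivateKey.generate()


def raw_public_key(priv: ed25519.Ed25519PrivateKey) -> bytes:
    return priv.public_key().public_bytes(Encoding.Raw, PublicFormat.Raw)


def _checksum(pub: bytes) -> bytes:
    # Tor rend-spec-v3: CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2]
    return hashlib.sha3_256(b".onion checksum" + pub + ONION_VERSION).digest()[:2]


def onion_address(pub: bytes) -> str:
    """v3 address = base32(PUBKEY || CHECKSUM || VERSION) + ".onion" (56 base32 chars)."""
    if len(pub) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    body = base64.b32encode(pub + _checksum(pub) + ONION_VERSION).decode("ascii").lower()
    return body + ".onion"


def pubkey_from_onion(address: str) -> bytes:
    """Recover and verify the Ed25519 key embedded in a v3 .onion name."""
    name = address.lower()
    if not name.endswith(".onion") or len(name) != 62:
        raise ValueError("not a v3 onion address")
    raw = base64.b32decode(name[:-6].upper())
    pub, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_VERSION or not hmac.compare_digest(checksum, _checksum(pub)):
        raise ValueError("bad version or checksum")
    return pub


def signed_message(address: str, ca_nonce: bytes, applicant_nonce: bytes) -> bytes:
    # Constructed layout; fixed-length nonces keep the encoding unambiguous.
    if len(ca_nonce) != NONCE_LEN or len(applicant_nonce) != NONCE_LEN:
        raise ValueError("nonces must be %d bytes" % NONCE_LEN)
    return b"onion-control-proof\x00" + address.encode("ascii") + b"\x00" + ca_nonce + applicant_nonce


def applicant_respond(priv: ed25519.Ed25519PrivateKey, address: str, ca_nonce: bytes) -> dict:
    """Hidden-service operator side: add own nonce, sign with the service key."""
    applicant_nonce = os.urandom(NONCE_LEN)
    return {
        "address": address,
        "public_key": raw_public_key(priv),
        "ca_nonce": ca_nonce,
        "applicant_nonce": applicant_nonce,
        "signature": priv.sign(signed_message(address, ca_nonce, applicant_nonce)),
    }


class CAValidator:
    """CA side. Needs no Tor client: the name itself commits to the key."""

    def __init__(self):
        self._issued = {}  # address -> outstanding CA nonce

    def issue_challenge(self, address: str) -> bytes:
        nonce = os.urandom(NONCE_LEN)
        self._issued[address] = nonce
        return nonce

    def validate(self, resp: dict) -> bool:
        address = resp["address"]
        expected = self._issued.pop(address, None)  # single use: a retry needs a fresh challenge
        if expected is None or not hmac.compare_digest(expected, resp["ca_nonce"]):
            return False
        if len(resp["applicant_nonce"]) != NONCE_LEN:
            return False
        try:
            pub = pubkey_from_onion(address)
        except ValueError:
            return False
        if pub != resp["public_key"]:
            return False  # key in the response is not the key the name encodes
        try:
            ed25519.Ed25519PublicKey.from_public_bytes(pub).verify(
                resp["signature"], signed_message(address, resp["ca_nonce"], resp["applicant_nonce"])
            )
        except InvalidSignature:
            return False
        return True


if __name__ == "__main__":
    key = generate_service_key()
    addr = onion_address(raw_public_key(key))
    ca = CAValidator()
    ok = ca.validate(applicant_respond(key, addr, ca.issue_challenge(addr)))
    print(addr, "validated" if ok else "rejected")
```

The CA consumes its nonce on the first validation attempt, so a captured response cannot be replayed; a response signed by a key other than the one the name encodes, or carrying a nonce the CA did not issue, is rejected before the signature is even checked.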