IETF Logo Mail Archive

[Acme] FW: [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt

Mike Ounsworth <Mike.Ounsworth@entrust.com> Tue, 18 July 2023 23:54 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 421FFC1519AB for <acme@ietfa.amsl.com>; Tue, 18 Jul 2023 16:54:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.797
X-Spam-Level:
X-Spam-Status: No, score=-2.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zKqkeSh1ppSH for <acme@ietfa.amsl.com>; Tue, 18 Jul 2023 16:54:27 -0700 (PDT)
Received: from mx07-0015a003.pphosted.com (mx07-0015a003.pphosted.com [185.132.183.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F7BEC151993 for <acme@ietf.org>; Tue, 18 Jul 2023 16:54:27 -0700 (PDT)
Received: from pps.filterd (m0242864.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.22/8.17.1.22) with ESMTP id 36ILaGpm027671 for <acme@ietf.org>; Tue, 18 Jul 2023 18:54:25 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= from:to:subject:date:message-id:references:in-reply-to :content-type:content-transfer-encoding:mime-version; s=mail1; bh=0IWECOR0rkz2BPFftDrlFMRIzAvcTV+9OHvgemmUN2g=; b=LUquRA5GfIP9 dQ9pjH+ULThWzOHITmfo9juzQMq6EBCu9g8l5ZVoA4Yeqd+5Dw2RB4ydbNnz/tgA jL/OgAYOXxcC+nB9+qHoxHT0pEQCjeJIIA7i6ecPBx4SlzP549kZJs0eycasAhfv tLbA80J9ehSt90Es+683oUk6WJ3J7+mW3422S2TtwdAmznrxdncwBTkxdhWmyvZW NEIIPAgN6CldmMv/PNC32HXFomG7Gv5EcmbKM1BXuIucaEkeNwAy4ZgJjKGBueNs /Drda6zsB3hOWeLJH/1/Sl59K7L1xfVIer7V+BoFP/5gvrXlouqLpuB9Z2B+xwyi F4ca/pfAUQ==
Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2041.outbound.protection.outlook.com [104.47.66.41]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3rwbb6mmrx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <acme@ietf.org>; Tue, 18 Jul 2023 18:54:25 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UVryYp0iQkhe+cvbUsCr5CAPougct+A5JcsersEbbI3ylXDT91O7edzGTh09bE5IjhMWky2UKm8mQNJIQwViwzdMBvOHs6jwINx8IojEcwqjSzLqni7hBdNjMEyvu8BWtlQgvLRwmPxUrbhFnrt+E4mC29k7u5RAoMbh6Z68yW96cYRccOZqGDZvokpIZrowh262RosRCUYXdWfdiFOdMmJXVk1v5iYcfhhm1559pJIfRqQ9eUk6jUkX+P2PMvRsPNcQ5NGmUDUqHYTJezXoighj9S8Ftmy1538BuafOqjY42ach196ke3LVm8/p8OVdNdWJHrjTMiz4SF6rscHctA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0IWECOR0rkz2BPFftDrlFMRIzAvcTV+9OHvgemmUN2g=; b=ZqRPMUCK9jT05BYM71IkjAVuNWmgk8ar+8SdOEc77Mbi7Z92ScdVn5ehPC/07XZTDunzuf6BHiIO4/BPCfKeXXbilMkDz0iqUFno5LHm7cA/arJtUShtDfy1Ys45vtbAxvgoxVQmqn/m0C4+Yd4H6yU2xAPrnJLARVo/157Ma//jiZL5DZ5ts2tkLnQwWynLzaTvYpxQJ1VcYOTYk18PKoON32NI11zJYubFAKb8Xp9xvrOcgwaNYA4YqqVaQCP20OIERgPM5jk7uPR84wattv9yLSYv5nPUImvXLuXstrV4ux9HGm/pjZy1fMEHolWW2WnlZb1HIY8FwZcvQg4yqw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by SA0PR11MB4592.namprd11.prod.outlook.com (2603:10b6:806:98::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6588.33; Tue, 18 Jul 2023 23:54:21 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::d45b:42b9:5ab3:2e22]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::d45b:42b9:5ab3:2e22%5]) with mapi id 15.20.6588.031; Tue, 18 Jul 2023 23:54:21 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt
Thread-Index: AQHZsBeqgO/Qy8UW2EKh0oZ3cvLhkK+s0GpwgBN1PhA=
Date: Tue, 18 Jul 2023 23:54:20 +0000
Message-ID: <CH0PR11MB5739CFA5EE0E13AD390D2EC89F38A@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <168865435873.61106.2850041921157081937@ietfa.amsl.com> <CH0PR11MB5739FDB26BF675925C449AA69F2CA@CH0PR11MB5739.namprd11.prod.outlook.com>
In-Reply-To: <CH0PR11MB5739FDB26BF675925C449AA69F2CA@CH0PR11MB5739.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|SA0PR11MB4592:EE_
x-ms-office365-filtering-correlation-id: 0fbc4d7d-c799-447d-ff4f-08db87ea4e3d
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: GqgHY9tPwWkTFBWfClLtybwHbAXUGNgs++Cpneark2xPM5rw/+2veMl6P0/mMe184Vp79vwOOakqc6++XV6cR825C26ZVCdEGFs+ODrByOVMQhWu42oGzXxeKjY0nqWrunH5bf2GK2n78f10sJTh1MA73kiQW23CYSnQ3nXTCqOokQs0XhFDe4Q2oN+E6GBTszkZ6RG4nwU0FwuMueK4luVS58Of+RxvUshUsAq5EJHNgLxmqF56tdTK/WgjbsHszim+OymnjVImwF9rIq+ltu00eSeft+ZaYPqg6y6exmF/FB1sdmcwaHt9qDHngydgvy9YaWz9eRvH/P0Qg51Ylf03T4UBMbLW5NAV7CEFMgu1FijIbldN2dyNd4OS5jEXAze/mkZD1LDkIh2UnSbDLiGMZtp+QIyj/4k5i8sKxRdx5LIXVIY+gxWWloF5nH9h6zAX5OHoPHToE+C1cTwTGaLBeqsfeNGD+UudtyREzqejr1zyreizH1Oz8KU7Xnmp5/j3Ecl4AdV50qsXDNZNoLwPTqA+F/6JQSU9AOddtbR18Q3Jb2ljcjtES7MkXOu2EXQ2EQ8MWARvp4+loDdA3nIIddegd/WldiyivdpgMu8=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(346002)(376002)(366004)(136003)(396003)(39860400002)(451199021)(316002)(41300700001)(66476007)(66556008)(64756008)(66946007)(6916009)(66446008)(5660300002)(8936002)(8676002)(33656002)(83380400001)(66574015)(38070700005)(86362001)(55016003)(38100700002)(122000001)(186003)(76116006)(26005)(9686003)(966005)(7696005)(53546011)(6506007)(478600001)(71200400001)(52536014)(15650500001)(2906002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Zf+5PEC5qZP6wzJe6AA7D9MHgLgeZYm2/8piaKzJPOcA5dt0r4rsRIQ7kYh7cH/Y++LcKdO5LYnYh2vfR9YUmP8up3BiQqgQvaQxOKLrL7AXwN7MVQmGrTxAIKHpNFTmddmR3/T7/lqK6hBEcSN8ABDx9wZDlJS0hpHZwn5N1EFGpL9e0td1tR1ogunjld4d/WX2XrAMAqK3A/9D6DMzS8VcssYfdDtThGwL0VjQylMKie3inY+HJn7ZkEsoCcFfH56SvU5VBTy6V+6ILdJ/JXo6bOKWDdJqQAV9iYyt0odkJu/lD9RyfQ2Ol1hbS4pFeCxeU7DDVgSUVxC6FrnGAcSci7Rb0aCTW9GPecmE6m1t/xiQ4wgj5hHTS9hqmrB4JQ4ZOWPnUSd80KW5ZI47SC9IZuaGf778wEDhp2yrxs+7jvIzIuLamyjrkCp7Ho31byUaanzmOr6FAcZO2Ih/Gsm1vRgLJeOC+1FqKNbIYrHTogEf3tyzqpnzqDWnMjf8muMxuNiJZZPaIObTsOsqN3LALu0S8zKBILJhQHQa05v7ypBjEFaI2xTBu57Z4PUpCtGZCUie5fhMdUgmdtz4v2Wp5w6jMUz6NMQNkSAYvXH9bORXH9dXu9qKPl3pi+tJzf+Td8hSuc9GvVdJlf4umilv7el/7ecUdAQm0MzcP49eCM9euioI3f2gCThqAeuIC+PWbojT2oiLG1nSWDq5AWKBh8SYTKkhy6ahbwRoRy41IrJRJMDsUB9n0gWs3mwfJkvKAZwYxLKfHCks9dOfJ5LbuBTyhuLj25B0RNjoc8ii/qu4E49ce1324kvOysq1nJRh4cDcVGEyupAAdKNudeer7bi4P9t9+x1RMYPlqTA/v/AWkIV+1qbotJeqI0ShjFYW6KpuBTCUNP3AKiXrMeEJ0l+W5lw/VKQC2ojk6pCNvbly9AcPr5W2Lzq5qstpX6ULzhfT34XHm1SHgIsKdQjMiyahS3hjdDT7uUkrU9DhKA4Qj0AvzKHtFyVD32CVhrmRs320jSkqpYfqUv2SGWjLj/T3PxVaJ2kxfmnMIqZlLkkTyqiiOc4ooxxgHOUalXkELc7exPLuCOfvrxTjr6K81QMbXjk6KauhMtTxOJNIgUg9pLJoWtE2YViCJglljLNbLHwT+iVtuQnbalJ1CbIGJ6Y9kWHAMJmfgyw0BO009++6BDmWrJc39jB7PVAquQdJFvn/MPQecMHVkxP7wE35Qy3D9LeVIeV0HIIEblxNcuqNDDafMDLswA6cy0kZV43HKBJBsprkfHjKccyqU94CFsib47yV/2VSKypBZn6Q+cqxPIuBg3YD14wXBg4YlR1KSlL2l7sHUhMlgFawTV83XeXhL8FXTI6UGOywo6HBDUXpuXkaf8nYdKo8qASn7KCwHYgqaghSEl0Q64gSK3XK/72UrRMhb2ylo/vyPUtlWj+ws25/75R+XGpaD3x0GTXGQPPR3+E4q4kVXQD8gU5xlVvogX6KO3nGfLzWKXsrITHMOT2sSLUJaFggOCNA+WWec4iA43Cvut4hinEr8EU96cT+WbOjrzD2RmXSYmqBj60NcCX8NnhJTROUVJxK3d5dODo4GvPm0wj7W+G2iw==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0fbc4d7d-c799-447d-ff4f-08db87ea4e3d
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jul 2023 23:54:20.7766 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KasmG5aotZmxfOu65OkpH5Fl9z/71ShBzrysnrB8Zadr+JThNKBAY1H2fQiJ7kMBoCzxpEC4yGxsg9yuEYX3yyZ2AJSOfo6AelHxWLKYuoA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR11MB4592
X-Proofpoint-ORIG-GUID: YqwIQI-6SS5ntHmV78XZWHI19YZCU8Ni
X-Proofpoint-GUID: YqwIQI-6SS5ntHmV78XZWHI19YZCU8Ni
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-07-18_18,2023-07-18_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 phishscore=0 priorityscore=1501 spamscore=0 adultscore=0 bulkscore=0 mlxlogscore=999 mlxscore=0 malwarescore=0 lowpriorityscore=0 clxscore=1015 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2306200000 definitions=main-2307180211
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/jfr_lw2ymtrosjCvV2ktXvnVhUY>
Subject: [Acme] FW: [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jul 2023 23:54:32 -0000

@chairs since the agenda doesn't look particularly full, and we asked before the cutoff, could we get this on the agenda please?

---
Mike Ounsworth

-----Original Message-----
From: Acme <acme-bounces@ietf.org> On Behalf Of Mike Ounsworth
Sent: Thursday, July 6, 2023 9:54 AM
To: acme@ietf.org
Cc: Paul van Brouwershaven <Paul.vanBrouwershaven@entrust.com>
Subject: [Acme] FW: [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt

Hi ACME!

This is new business that we would like to add to the agenda for 117.

Thanks,
---
Mike Ounsworth & Paul van Brouwershaven

-----Original Message-----
From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Sent: Thursday, July 6, 2023 9:39 AM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>; Paul van Brouwershaven <Paul.vanBrouwershaven@entrust.com>
Subject: [EXTERNAL] New Version Notification for draft-vanbrouwershaven-acme-auto-discovery-00.txt

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.

______________________________________________________________________

A new version of I-D, draft-vanbrouwershaven-acme-auto-discovery-00.txt
has been successfully submitted by Paul van Brouwershaven and posted to the IETF repository.

Name:           draft-vanbrouwershaven-acme-auto-discovery
Revision:       00
Title:          Auto-discovery mechanism for ACME client configuration
Document date:  2023-07-06
Group:          Individual Submission
Pages:          16
URL:            https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-vanbrouwershaven-acme-auto-discovery-00.txt__;!!FJ-Y8qCqXTj2!d0ZjHZK3lFPhUQfdjAxymn-H3OhnRAb4rcV3IIj5JYeqEaYfSa9Kl0wLB66UtTUn9f4M43NSwZ0dnFc0JtwNW0dZY9AH3yeoTcrC$ 
Status:         https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-vanbrouwershaven-acme-auto-discovery/__;!!FJ-Y8qCqXTj2!d0ZjHZK3lFPhUQfdjAxymn-H3OhnRAb4rcV3IIj5JYeqEaYfSa9Kl0wLB66UtTUn9f4M43NSwZ0dnFc0JtwNW0dZY9AH39B9nSJz$ 
Html:           https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-vanbrouwershaven-acme-auto-discovery-00.html__;!!FJ-Y8qCqXTj2!d0ZjHZK3lFPhUQfdjAxymn-H3OhnRAb4rcV3IIj5JYeqEaYfSa9Kl0wLB66UtTUn9f4M43NSwZ0dnFc0JtwNW0dZY9AH3-CaBB-W$ 
Htmlized:    https://urldefense.com/v3/__https://datatracker.ietf.org/doc/html/draft-vanbrouwershaven-acme-auto-discovery__;!!FJ-Y8qCqXTj2!d0ZjHZK3lFPhUQfdjAxymn-H3OhnRAb4rcV3IIj5JYeqEaYfSa9Kl0wLB66UtTUn9f4M43NSwZ0dnFc0JtwNW0dZY9AH37daXF_h$ 


Abstract:
   A significant impediment to the widespread adoption of the Automated
   Certificate Management Environment (ACME) [RFC8555] is that ACME
   clients need to be pre-configured with the URL of the ACME server to
   be used.  This often leaves domain owners at the mercy of their
   hosting provider as to which Certification Authorities (CAs) can be
   used.  This specification provides a mechanism to bootstrap ACME
   client configuration from a domain's DNS CAA Resource Record
   [RFC8659], thus giving control of which CA(s) to use back to the
   domain owner.

   Specifically, this document specifies two new extensions to the DNS
   CAA Resource Record: the "discovery" and "priority" parameters.
   Additionally, it registers the URI "/.well-known/acme" at which all
   compliant ACME servers will host their ACME directory object.  By
   retrieving instructions for the ACME client from the authorized
   CA(s), this mechanism allows for the domain owner to configure
   multiple CAs in either load-balanced or fallback prioritizations
   which improves user preferences and increases diversity in
   certificate issuers.




The IETF Secretariat


Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
_______________________________________________
Acme mailing list
Acme@ietf.org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/acme__;!!FJ-Y8qCqXTj2!d0ZjHZK3lFPhUQfdjAxymn-H3OhnRAb4rcV3IIj5JYeqEaYfSa9Kl0wLB66UtTUn9f4M43NSwZ0dnFc0JtwNW0dZY9AH39SGJXVL$

v2.23.0 | Report a Bug | By Email