[Acme] draft-ietf-acme-client-05 and key attestations

Carl Wallace <carl@redhoundsoftware.com> Fri, 08 April 2022 15:00 UTC

Date: Fri, 08 Apr 2022 11:00:27 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: acme@ietf.org
Message-ID: <93839A2D-B45F-4C5D-A57E-15C32C7FBAB2@redhoundsoftware.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/p7j_ia6YqbiJJCkwpKYOYPQEHYc>
Subject: [Acme] draft-ietf-acme-client-05 and key attestations

Given draft-ietf-acme-client-05 addresses provisioning device certificates and client certificates and both may be issued for keys that reside on mobile devices that support key attestation, would it make sense to include means of conveying key attestations to this draft? This wouldn’t align with the authentication aim of the draft, but may be a useful addition overall.