Re: [Acme] ACME draft is now in WGLC.
Hugo Landau <hlandau@devever.net> Tue, 14 March 2017 16:24 UTC
Return-Path: <hlandau@devever.net>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97CD0129501 for <acme@ietfa.amsl.com>; Tue, 14 Mar 2017 09:24:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=devever.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v093RNmBcvcf for <acme@ietfa.amsl.com>; Tue, 14 Mar 2017 09:24:29 -0700 (PDT)
Received: from umbriel.devever.net (umbriel.devever.net [149.202.51.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D7C7129480 for <acme@ietf.org>; Tue, 14 Mar 2017 09:24:29 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by umbriel.devever.net (Postfix) with ESMTP id 6A6D81D3FF; Tue, 14 Mar 2017 17:24:26 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=devever.net; h= user-agent:in-reply-to:content-disposition:content-type :content-type:mime-version:references:message-id:subject:subject :from:from:date:date:received:received; s=mimas; t=1489508666; x=1507698027; bh=gYhazqbNbJmqLQb5rXlfvd8y+6VXJ9Kw5dNz/0SYHh8=; b= nX7tSPGzUlUvSLXRZ6d56juFFuuhA22Ngf1BGe8FLariK6XuBObOitIyevVb5mz4 36cZ16EijLZDL4sjpm3hoIdYMGAnKvYQrfSb4IElYKj8dBSWf4t61Az88rkiC05J sLTAsY93yWzsoPkLN0jC13gWewVeSYUcpMuVAOA7++BNV91/hK7603Awhma7ktfm yT+JhDfJ6m3XBh8wjNzOx0wg1l5z4l36i+WKbTWPae3X9ve/4ygW5LRepAy38uNj iXRYOl8qpmD4M+UBYMuJ1ysUqCu/sR3nmls3Q0GEoZ7bWDGbuD4eeY6uE0ocD9Hr s8n3gZn3EyteNm27aQcQNA==
Received: from umbriel.devever.net ([127.0.0.1]) by localhost (umbriel.devever.net [127.0.0.1]) (amavisd-new, port 10026) with LMTP id Hq2AaAQc3m2I; Tue, 14 Mar 2017 17:24:26 +0100 (CET)
Received: from andover.lhh.devever.net (localhost [127.0.0.1]) by umbriel.devever.net (Postfix) with SMTP id 2CA3C1D3FE; Tue, 14 Mar 2017 17:24:26 +0100 (CET)
Date: Tue, 14 Mar 2017 16:24:26 +0000
From: Hugo Landau <hlandau@devever.net>
To: "Salz, Rich" <rsalz@akamai.com>
Cc: acme@ietf.org
Message-ID: <20170314162425.GA13868@andover.lhh.devever.net>
References: <8473d9ba84894d49b2f2232370d66b46@usma1ex-dag1mb3.msg.corp.akamai.com> <20170307031510.GN7733@mournblade.imrryr.org> <20170307032023.GO7733@mournblade.imrryr.org> <9471a5323a98405eaf0ee111fb0350b0@usma1ex-dag1mb3.msg.corp.akamai.com> <20170313201410.GG4095@mournblade.imrryr.org> <12461433fb264865972e9ddafab1c511@usma1ex-dag1mb1.msg.corp.akamai.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <12461433fb264865972e9ddafab1c511@usma1ex-dag1mb1.msg.corp.akamai.com>
User-Agent: Mutt/1.8.0 (2017-02-23)
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/q7se1sK6OTgYNgaDmIgoHDNTTls>
Subject: Re: [Acme] ACME draft is now in WGLC.
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Mar 2017 16:24:30 -0000
> > The CAA check is/was easy to make and crippling it > > by not making it a requirement was IMNSHO a mistake. > ... > > I urge the WG to reconsider. > > Does anyone else agree with Viktor? Please speak up on the list this week if so. I'd agree that the CAA check should be made mandatory. At least, I can't think of any good reason why it shouldn't be. I'd also agree that the use of a DNSSEC-validating resolver accessed via a trusted network (preferably localhost) should be mandatory.
- [Acme] ACME draft is now in WGLC. Salz, Rich
- Re: [Acme] ACME draft is now in WGLC. Jacob Hoffman-Andrews
- Re: [Acme] ACME draft is now in WGLC. Salz, Rich
- Re: [Acme] ACME draft is now in WGLC. housley
- Re: [Acme] ACME draft is now in WGLC. Martin Thomson
- Re: [Acme] ACME draft is now in WGLC. Anders Rundgren
- Re: [Acme] ACME draft is now in WGLC. Salz, Rich
- Re: [Acme] ACME draft is now in WGLC. Russ Housley
- Re: [Acme] ACME draft is now in WGLC. Jacob Hoffman-Andrews
- Re: [Acme] ACME draft is now in WGLC. Anders Rundgren
- Re: [Acme] ACME draft is now in WGLC. Viktor Dukhovni
- Re: [Acme] ACME draft is now in WGLC. Viktor Dukhovni
- Re: [Acme] ACME draft is now in WGLC. Salz, Rich
- Re: [Acme] ACME draft is now in WGLC. Viktor Dukhovni
- Re: [Acme] ACME draft is now in WGLC. Salz, Rich
- Re: [Acme] ACME draft is now in WGLC. Jacob Hoffman-Andrews
- Re: [Acme] ACME draft is now in WGLC. Viktor Dukhovni
- Re: [Acme] ACME draft is now in WGLC. Hugo Landau
- Re: [Acme] ACME draft is now in WGLC. Richard Barnes
- Re: [Acme] ACME draft is now in WGLC. Phillip Hallam-Baker
- Re: [Acme] ACME draft is now in WGLC. Richard Barnes