IETF Logo Mail Archive

Re: [Acme] Terms of service agreement changes

Ron <ron@debian.org> Wed, 17 August 2016 07:34 UTC

Return-Path: <ron@debian.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F73012D0AE for <acme@ietfa.amsl.com>; Wed, 17 Aug 2016 00:34:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6SyVQRIc6BD4 for <acme@ietfa.amsl.com>; Wed, 17 Aug 2016 00:34:28 -0700 (PDT)
Received: from ipmail06.adl2.internode.on.net (ipmail06.adl2.internode.on.net [150.101.137.129]) by ietfa.amsl.com (Postfix) with ESMTP id 28B0812B064 for <acme@ietf.org>; Wed, 17 Aug 2016 00:34:27 -0700 (PDT)
Received: from ppp121-45-12-92.lns20.adl2.internode.on.net (HELO mailservice.shelbyville.oz) ([121.45.12.92]) by ipmail06.adl2.internode.on.net with ESMTP; 17 Aug 2016 17:03:50 +0930
Received: from localhost (localhost [127.0.0.1]) by mailservice.shelbyville.oz (Postfix) with ESMTP id 1F981FFD78; Wed, 17 Aug 2016 17:03:49 +0930 (ACST)
X-Virus-Scanned: Debian amavisd-new at mailservice.shelbyville.oz
Received: from mailservice.shelbyville.oz ([127.0.0.1]) by localhost (mailservice.shelbyville.oz [127.0.0.1]) (amavisd-new, port 10024) with LMTP id uLvhXl_gz1J2; Wed, 17 Aug 2016 17:03:47 +0930 (ACST)
Received: from hex.shelbyville.oz (hex.shelbyville.oz [192.168.1.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mailservice.shelbyville.oz (Postfix) with ESMTPS id 2D2BBFF97F; Wed, 17 Aug 2016 17:03:47 +0930 (ACST)
Received: by hex.shelbyville.oz (Postfix, from userid 1000) id 1C60680473; Wed, 17 Aug 2016 17:03:47 +0930 (ACST)
Date: Wed, 17 Aug 2016 17:03:47 +0930
From: Ron <ron@debian.org>
To: Jacob Hoffman-Andrews <jsha@eff.org>
Message-ID: <20160817073347.GK8744@hex.shelbyville.oz>
References: <627b7240-a9db-7259-6d38-1bad24f80856@eff.org> <20160807123428.GA10284@andover.lhh.devever.net> <CAL02cgQZucvbNCmiTk5Vkn1D3V7VH3F0m5NtXX9GdqznPMtgLw@mail.gmail.com> <CANUQDChYC6zF0VHZ5LcdSxjsc8t6C36hRJx_b8JUUOUVbn8huA@mail.gmail.com> <CAL02cgRHwOHGgLeZLOeEDx3K0EwtfokYkcja4adq3xw0xAj5CQ@mail.gmail.com> <02d7023e-98f6-bd87-f35d-65fb44e62098@eff.org> <20160809194229.GI8744@hex.shelbyville.oz> <801db366-377f-ea94-6b6b-7dd8e2f0c108@eff.org> <cf5a59f2-e8f4-1324-29e7-3977db34f2a2@eff.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <cf5a59f2-e8f4-1324-29e7-3977db34f2a2@eff.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/sM_k_jxP0chgc0tSNluhTLN-keg>
Cc: acme@ietf.org
Subject: Re: [Acme] Terms of service agreement changes
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Aug 2016 07:34:30 -0000

On Tue, Aug 16, 2016 at 06:25:26PM -0700, Jacob Hoffman-Andrews wrote:
> Any further objections to this?
> 
> https://github.com/ietf-wg-acme/acme/pull/167/files

Aside from Eric's remarks, I'm also not too keen on a blanket
"terms-of-service": "agreed", since there's no indication there
of what you've actually "agreed" to.

I don't think this should be a binary (unary?) switch.


> On 08/09/2016 12:50 PM, Jacob Hoffman-Andrews wrote:
> > On 08/09/2016 12:42 PM, Ron wrote:
> >>>  - If the CA uses legal auto-update language (most common case by far),
> >>> nothing else is required.
> >>
> >> I think in this case we should specify that the CA MUST notify the user
> >> of this via the ACME protocol (ie. by changing the ToS URL or similar).
> > 
> > I'm fine with saying that the directory's terms-of-service URL should
> > always be up-to-date with the latest ToS, *if* the CA is using ACME for
> > ToS agreement.
> > 
> > 
> > I suspect for most paid CAs, ToS agreement will already have been
> > handled out-of-band, for instance when submitting payment information.

v2.23.0 | Report a Bug | By Email