IETF Logo Mail Archive

[Add] Some ACME related work

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 22 March 2024 05:01 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68532C14F6BC for <add@ietfa.amsl.com>; Thu, 21 Mar 2024 22:01:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.594
X-Spam-Level:
X-Spam-Status: No, score=-14.594 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 02gyxXphQgfK for <add@ietfa.amsl.com>; Thu, 21 Mar 2024 22:01:27 -0700 (PDT)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5C07C14F691 for <add@ietf.org>; Thu, 21 Mar 2024 22:01:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; i=@cisco.com; l=3584; q=dns/txt; s=iport; t=1711083686; x=1712293286; h=from:to:subject:date:message-id:mime-version; bh=hJIzHrwmanzQZUuZYMfZaBXx4GSAOR3rUUpj+nvq9ls=; b=il6mgcsGtWa20m2LS8yaqolU42xqSoYKhTemArf6Z4T9YpznAOvkI0gS jQOVScy3EFKSfngptfLL1aAhUFgmCr4WyK8W/tOaPkPKJiIfTjGEVf0RB c7BEBmEjvAN/DtImjARNzz/zt8ZZY75reO25S2XX6glwX4SgFvXj9H2JI M=;
X-CSE-ConnectionGUID: 1oBLWyA6Qzad/LE+4VQ68A==
X-CSE-MsgGUID: CYZGlyRYR8eNl5oVmIgvZQ==
X-IPAS-Result: A0BXBABeD/1l/4cNJK1agQklgQIQGoEyMVIHcwKBBRKIaQOFLYZJmVuGUYF+DwEBAQ0BAT0HBAEBhQYCiAICJjQJDgECBAEBAQEDAgMBAQEBAQEBAQEFAQEFAQEBAgEHBYEKE4VtDYZneQEMcycEGxqCX4IXSAMBEKUxAYFAAoooeIE0gQGCFgWBPQQOQYpNBoFIiCYBgVKIXycbgUlEgRVChWUiAgOBX4QSgi8EhUqWNYkygU0iA30IbRsQHjcREBMNAwhuHQIxOgMFAwQyChIMCx8FEkIDQwZICwMCGgUDAwSBLQUNGgIQLCYDAxJJAhAUAzgDAwYDCjEwVUEMUANnHzIJPA8MGgIbFA0kIwIsPgMJChACFgMdFgQwEQkLJgMqBjYCEgwGBgZcIBYJBCUDCAQDUgMgchEDBBoECwd2gz8EE0cQgQ8liiKDQoIhgRGDMQNEHUADC209NRQbBQSBOQWiTHgCAYNLUzA2ghGhZYF6oVAKhBOMDJVTF6lLZJhfjXCaZAIEAgQFAg4BAQaBZDyBWXAVgyNRGQ+XLpJsgTMCBwEKAQEDCYpoAQE
IronPort-PHdr: A9a23:b2c6exTAN/+PgjlR5DD9J/6rT9pso3TLVj580XJvo7tKdqLm+IztI wmGo/5sl1TOG47c7qEMh+nXtvX4UHcbqdaasX8EeYBRTRJNl8gMngIhDcLEQU32JfLndWo7S exJVURu+DewNk0GUN3maQjqq2appSUXBg25MAN0IurvHYuHgtqm0eux9rXYYh5Dg3y2ZrYhZ BmzpB/a49EfmpAqar5k0BbLr3BUM+hX3jZuIlSe3l7ws8yx55VktS9Xvpoc
IronPort-Data: A9a23:bPCKyqwrNvMK4XhPwT16t+eIxCrEfRIJ4+MujC+fZmUNrF6WrkUHn 2YfDWyAOfiIMTOheNonb4mw/RkC7ZbTyYJkGgQ4/FhgHilAwSbn6Xt1DatR0we6dJCroJdPt p1GAjX4BJlpCCKa/lH1aOKJQUBUjcmgXqD7BPPPJhd/TAplTDZJoR94kobVuKYw6TSCK13L4 YyaT/H3Ygf/h2YvaDhMsspvlTs21BjMkGJA1rABTagjUG/2zxE9EJ8ZLKetGHr0KqE8NvK6X evK0Iai9Wrf+Ro3Yvv9+losWhRXKlJ6FVHmZkt+A8BOsDAbzsAB+vpT2M4nVKtio27hc+adZ zl6ncfYpQ8BZsUgkQmGOvVSO3kW0aZuoNcrLZUj2CCe5xWuTpfi/xlhJBgxF6kn688pOHNH+ bs8BXNRUCnd18vjldpXSsE07igiBMDvOIVasXZ6wHSDS/0nWpvEBa7N4Le03h9p2ZsIRqiYP pFfMGEyBPjDS0Un1lM/BYwvmuyri1H0ciZTrxSeoq9fD237llcogOe2aIKNEjCMbe5krGmct 1j3xTT0JBVHM+Ka6DWbwEv504cjmgu+Aur+DoaQ//JmqFye2mJVDwcZPWZXutGwjkq4HtlYM UFRoGwlrLM58wqgSdyVswCEnUNodyU0ArJ4O+Y78wqKjKHT5m6k6qIsF1attPROWBcKeAEX
IronPort-HdrOrdr: A9a23:xU1pFa7l2skWkL/zCAPXwW6BI+orL9Y04lQ7vn2ZFiYlEfBwxv rPoB1E737JYW4qKQwdcLC7VJVoMkmsiaKdgLNhdotKMzOWw1dAQLsSibcKoAeQUREWlNQtr5 uIGpIWYLaffDoK6PoSizPIderIteP3iJxA8t2utkuFIzsaDJ1I3kNSMCreOEtwQwVNGJo+E7 ShxucvnVCdUEVSRP6WQl0eUcb+h/Cjrv/biBg9aCIP2U2rt3eF+bT6Gx+X0lM1SDVU24ov9m DDjkjQ+rijm+vT8G6R60bjq7Bt3PfxwNpKA8KBzuIPLC/3twqubIN9H5WfoTEOpv214lpCqq iCn/5gBbU815riRBD0nfLf4Xii7N/o0Q6h9basuwqjnSU+fkN+NyMOv/McTvKT0TtegDg16t M044vejesbMfsF9x6NoeQhkHpR5w2JiGtnnugJg3NFV4wCLLdXsIwE5UtQVIwNBSTg9ekcYZ 9T5eznlYJrmGmhHgfkl3gqxMbpUmU4Hx+ATERHssuJ0yJOlHQ8y0cD3sQQknoJ6Zp4EvB/lq z5G7UtkKsLQt4dbKp7CutEScyrCnbVSRaJNG6JO1zoGKwOJnqIoZ/q57c+4v2sZfUzvdIPsY WEVEkduX85ekroB8HL1JpX8grVSGH4RjjpwtE23ekNhlQ9fsuYDcSuciFcryL7mYRvPiTyYY fCBK5r
X-Talos-CUID: 9a23:0hgk7mnj9qapDc8w0uaOXsFJSO7XOSTa5lPvMmbmMHRgRPqxZBzMxpo6w+M7zg==
X-Talos-MUID: 9a23:qz4SiA1LhMcv41PrIPVIP0rZWTUjyJWcJ0Qcq6Q868SiMXF3BTK8gyqFe9py
X-IronPort-Anti-Spam-Filtered: true
Received: from alln-core-2.cisco.com ([173.36.13.135]) by alln-iport-3.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2024 05:01:26 +0000
Received: from alln-opgw-1.cisco.com (alln-opgw-1.cisco.com [173.37.147.229]) by alln-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id 42M51PaR005143 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <add@ietf.org>; Fri, 22 Mar 2024 05:01:25 GMT
X-CSE-ConnectionGUID: B2vRvnDRQwGTgsQsptbkwQ==
X-CSE-MsgGUID: tnFs/YMCR9CQTenZYbbefw==
Authentication-Results: alln-opgw-1.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=evyncke@cisco.com; dmarc=pass (p=reject dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="6.07,145,1708387200"; d="scan'208,217";a="26574417"
Received: from mail-bn7nam10lp2101.outbound.protection.outlook.com (HELO NAM10-BN7-obe.outbound.protection.outlook.com) ([104.47.70.101]) by alln-opgw-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2024 05:01:25 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OsEUPKmpVMywr6wq854hvDhgw9bTVsjSkd727IKZQoQ4za9VWSGHGFAHsb3K9XKfjR5Hpdqar1AUw8RuOFs3puaRe8OQIkIil+FO++nk+bAf9fi/P2hq00ieWah17R7GjzgKmJXxIkXMz7k8D16ppi0IjDuc9SdJK0Snqz6ja6Z3hfiUg5A++SZSuosblWo1rq8TxnlftIKWFOHN8H8dXkw/YOyCYR0d03y8EjSHFjgtPEjFZByFUo6J1+wGYgJeGJUvXbr5mpkKQ9DqALALu95AJ+7J/+2TWB/4stfCli+8cIdNlC5OwsX2fjMECQxOr2dWY4Z80vS4Q/OQ+mVNbQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hJIzHrwmanzQZUuZYMfZaBXx4GSAOR3rUUpj+nvq9ls=; b=UrXRNU6BfjXoHk2SxaP8uIL09/N32lTWscYnV21cULl5mQWk62B2fyHYRFpDIuDrxpyTy6p0U2IUzMS4XuJpKV56LCXB8zJOBbq5i+5PAFRNIyoYPHoeVvhbBfdjurd3KFV0i3C6GRH1hryAKZQdF2nx0y9EsNOZKqkAhdSZLis7yuyj/1T/w9unhu2v21BHZ+C5yaFTHsuksyM0TStR5B+0rNQwOqTdExeZTcYei+KGCYTPdA/tQuwKMh2Ge/Fp48DF0uH3bRIiPfpEqrC9AN3QvMQGSYH77egG83bV9F0UQA4od9vye46h0LyAbCxBdny/HCHkq46xGnb2KM76uQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by CH0PR11MB8166.namprd11.prod.outlook.com (2603:10b6:610:182::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.24; Fri, 22 Mar 2024 05:01:24 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::626d:78db:4371:447a]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::626d:78db:4371:447a%5]) with mapi id 15.20.7409.010; Fri, 22 Mar 2024 05:01:24 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: ADD Mailing list <add@ietf.org>
Thread-Topic: Some ACME related work
Thread-Index: AQHafBWzYnLoF82+J0yJ9tftoJfmvw==
Date: Fri, 22 Mar 2024 05:01:24 +0000
Message-ID: <PH0PR11MB49665BE2E8D8E3D5649A6698A9312@PH0PR11MB4966.namprd11.prod.outlook.com>
Accept-Language: fr-BE, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR11MB4966:EE_|CH0PR11MB8166:EE_
x-ms-office365-filtering-correlation-id: c4ecfdfa-3614-416d-f57c-08dc4a2d1f6c
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 3DbBQQzpb9vpjf9XjETMfo1wUFNEaaDmhotJTSWyTlZ+mISDiCl+SdyCPo4Hxna9HcbKIpVSNksjrMkGSRBQdxIsbVGF1huZLgc03ldAJZaL9qK784ob4mbrK5HoTodIXPY29x2RMysTPnnKlkBdMOHH4bOSaxwrX+HKWsbEx37H2Bdeplfy6NTk0gT1yjmjDbDbx/uOkM/9SGs5MXUFP5ZoNo5ntjwKk7FW7D4FhJhMc+X75YwlCbZES31AETn30ma7rlIJG+G3PChl6p62zZqCKEPDMIDAUfE84F47IODf1ZUHywUUcCDr06chm6pitIVfStxXZITH6vtfOLai3a/ghs3GBf1k1/HAbWfKJO1SppXSypD9yw/ggI1FwqzBopNoJPKJlBMuFjNdHRpawF5LiWpgSVQX/vkha37tPHf8IY+5EGhKR4EcJ8a01F0TRwnd0cKU7ivnL6doBjPQKuuMJUgBxpgnYHMtxHLky5ehzXJkI5cnuvOgfHWidZjbsldXTRbSy9wB6nGdxH276/D0LTqD5sQKYrt59Y4XJovSkJh1fcHRUbnXtKYvk3hE/vN07LmERRJuoleEPS+PAYi/aJEQto9iWghTzhlLDv7+Ch5Wc43JgNL745Sd/s8n+BEhJ3v4bzkk3nJXW2NJv/kSJMfI+rZSX4tJ5b2xPUS67xeXY2lIdoXBEe1S4t9D
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(1800799015)(376005)(366007)(38070700009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: qDyfrIZNUeDm2ls9aCyeDVsPBfd/2dETmvk1eP8ZjmRSJIakM7XKVBTYrNmokDz4ij2J8LG84zzJs6KtyUZ/E2GswAhMvvJQuona93UeB2UpXAIGIsqdKewdcow9Zw6eZt9G1fHi4dPtpEj5w1ZanEJywjkTW9rxg1cxL2XxKB5iWKSLSDLpL25VCQ9cgJcFnjQ5gBRYNHNuTzD65r5yPnQ86/iCUCdAGv1kAWPUxZQK+gfL2PjsPDc/r9xFE7KDahFnPNKVrwUVnp6RuQClhWJzWleDqP9mKeIdlMkSNq/jipN9EJrf+4d+zKrHDdxl9iC9QrEhnNj5TlosrjP6lGLjw1xZ7NmR0RuSvBRlAYVfRtZWJixGAfWAnQ1Zin7u0vmMJPhdtZxd9PDpxsTjd8sJWtHfQryjaYFdTj5Uuwx4Inx7wnLHSOnHlGvTCw51b/uo9KWq7obztTorV84DbhHj1Um/zEgnI6nGIwEWIufow4WLh5MuDuya9nsE1yU/arWhRkzFuVBXi7ohPznGANGH8EmDlFzYzSF/lJuLVpyGMIMphNUg7qylk984YfQjK35Ga+H/SxnF5F5PTYX5HH73DrC6kbDQoeb+Fy1UcgBKYKnzroao4X6CAVyUozqQK6uJPMZH5Y9p509gI3ifj7bf4YnmQhpFT5SptLBEbRm9x/UGXaichVrLMvYkQ2/7QL16f7da4NK34KDoPbGsPrNbIU32CGtGUOlY40ruTUGoJ27B08tbTb5k9tZY0vgwBp4jZQUpKzy7Shzl63PVA4T/nUTiPATJUAdlqxxFT86/L16VeMVA74YnG6A7u17rlJc+8rjqFWldWhj5sUMOCzRZktqID39Sok7h8akaSBE6E/fcwDhLS01G0QFJNU9VCPmuPeK5Frfe+8ma68YdztYCAm/DY/KQs2ce3XVSwaLWY9QKqnbmk0xZD8Tv00SCZb4d3scKytvFE83QVqyUKMjLpP8qJWjfdEFs7/sIKsUChH/qnOEPyEnAtlMJNg3Ja5ujuUbTL5JZQXUHs2YiwZ5Ejc5uSUAYV7iq+aRaEM1mTrXCXiUfijnPD7e0MXSxe4ZAIkXl5/Qo/ZW0FyNeFprPyRL5nVBgw89s8SJKYwFpNOG9ERa7FFhUwEn9chKyzg0Byb1oViojPYbPbF+mV1E/JS4w6xYF2oqmv4t141qgU9Z+Fv3fsF2yVKhgRL5wZc+2LPDZHkEX5Gg0KXto6VwL9NT89QokAWfAljlEelvAKggtfrpadaAftZoF64+ork9LwhFZBkSVdbdZhqftTJESpCsFFnL61A7XYCPa9wWsk6LVVaih5knLPeuVII/JLEPLOjmKIZheR7nEZ7k2k7TZPlx24ZTMkJOQF/cwm/x37VVO5X0BY9/MyRgwvTxIpdFX9OdPezluIMs9mUam180VruCLTnTVZmAVAbgfKx9h6l3D3XV/f6EnnLpzYDt5b5yiLXTI5CfKYCjmxNZNe2uT9q78uLuqT5xB8xShEpBfoENIdtzbkFnC32Ph70y8zjDvNFTBwkI82Fc/mjh+ce7cf8erq0AnQnMi9dlZLzKrPfev8U3GRDjWL8CiL7tU4zrSMmJj89humpPqpVouuGVVEtqGcrfQkUnYzVua1XtZjNNVS6ACZRu/+UZRqKQflFQFrQNfv7ce/tq2lEwm/w==
Content-Type: multipart/alternative; boundary="_000_PH0PR11MB49665BE2E8D8E3D5649A6698A9312PH0PR11MB4966namp_"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c4ecfdfa-3614-416d-f57c-08dc4a2d1f6c
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Mar 2024 05:01:24.0628 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: lSh7dthADtyhVtYiZHCopOwXpvElz1QEy73CH5ETdlcj4OoV7wwAYiXIhvmfEpUlMm3KEBH7OMerdymZBpg49A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR11MB8166
X-Outbound-SMTP-Client: 173.37.147.229, alln-opgw-1.cisco.com
X-Outbound-Node: alln-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/KvogydIG-1vEcNy5ViOMSsBHcjE>
Subject: [Add] Some ACME related work
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Mar 2024 05:01:31 -0000

The SEC/GEN ADs kindly gave me a hint about certificates to IoT/CPE devices. Currently drafted in ACME WG (but possibly also outside of the ACME charter).

See:
- https://datatracker.ietf.org/doc/draft-sweet-iot-acme/
- https://datatracker.ietf.org/meeting/119/materials/slides-119-acme-acme-based-provisioning-of-iot-devices

This does not pre-empt on working on ADD use cases/requirements.

Regards

-éric

v2.23.0 | Report a Bug | By Email