Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-acme-authority-token-tnauthlist-13> for your review
Mary Barnes <mary.ietf.barnes@gmail.com> Tue, 08 August 2023 17:56 UTC
Return-Path: <mary.ietf.barnes@gmail.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29EFBC153CBF; Tue, 8 Aug 2023 10:56:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SALMem3fkyIP; Tue, 8 Aug 2023 10:56:17 -0700 (PDT)
Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17AC2C151524; Tue, 8 Aug 2023 10:56:17 -0700 (PDT)
Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-686efa1804eso4370983b3a.3; Tue, 08 Aug 2023 10:56:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691517376; x=1692122176; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=UKH1Eari519SZKYmIXjRcQGpXWhbLUTI6PiC5wxIBdI=; b=JlwNNMcbqI6/4ehmDXEjjCNZNst9WfmxHCjDJRPEYFf/uXKJvCvOe29X+K9eOs0QCD wWoKJgapK/chTI5vbAlRv6tWHJoyqOr/8rSoCD6+6nx3BReVR3rn2rIZ2Y+jIQ/p9WCx WL4SOrKgrmJSuwoWa70pp90cbtXtF2d242kiwbqSaMg0pxXi8F8chezHI9qHSMiekmje jL9do0PkfFUd1XCpNtPni+hrFLuymv2VU+3VmkO6kfk50HhqsH5TYN9x5t4i0+as0MdM hxTMf/0TRAESqPIxoHve3/gDsRVrR1n+wvWLCjMRTGcCdLINuLBx7MKEe7rwa18cPjA8 4fvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691517376; x=1692122176; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UKH1Eari519SZKYmIXjRcQGpXWhbLUTI6PiC5wxIBdI=; b=RsTePU7UFepPjhw+qlusy+dlugvBUHwkxraeDLXtxOduPsudWvdf/pTOFqitx7yy5g 8dgxsR7KJ9Vo4DH4Vb+fNUnZpAqfEZCA/URbejm80nslfjECrt0aeVzeBrL4lg/1j6V6 vSebkRkJ1IfjmH+oMZMZ/wEXrUOkRZu/g6GstYyL9nUl6KQilSmU0rrL9fWJ9gTirE6p l/gzPcNYu/cOi/8NvM7upg3S68mBjQz4slb/Gbx8PnUFLRpTfPkSos04eFYtpsZ9smyt GIGA3//NRAy3v081mh3SfHXpCMYLo5mTonXvcnGfyCHFzRmo2pLdXkqyYyKa+C4TtsaF 54fA==
X-Gm-Message-State: AOJu0YznLCVtOUgArI+mc3KMsOMRiqlSE0tYKuEz+2gbOts77S0tka7L CnEHXnhluXMy2bRV+OvLingJyAx85MaUVb2zO4Q=
X-Google-Smtp-Source: AGHT+IGuB2RiTXmyuhoyPE4YiSD2LxDbbr3kOt/N+FIZVEgeJva4KsipGXPUvis5YSnv1++E/pvarYkeTH000x3CMwY=
X-Received: by 2002:a05:6a20:100c:b0:135:4388:3978 with SMTP id gs12-20020a056a20100c00b0013543883978mr203529pzc.29.1691517375556; Tue, 08 Aug 2023 10:56:15 -0700 (PDT)
MIME-Version: 1.0
References: <20230725055826.8D06E3E8AF@rfcpa.amsl.com> <8488D59C-14FB-4C48-9465-8120A43A8CBE@chriswendt.net> <02596DA6-70E9-44B3-A8BD-CFDBA60969C7@amsl.com> <16630211-924E-4A9A-B282-E3E0E260886A@chriswendt.net> <C88D691E-9C01-454D-A227-876070B29D6E@amsl.com> <8EE9CCA9-49A0-4D73-BF4D-58FA09597105@amsl.com>
In-Reply-To: <8EE9CCA9-49A0-4D73-BF4D-58FA09597105@amsl.com>
From: Mary Barnes <mary.ietf.barnes@gmail.com>
Date: Tue, 08 Aug 2023 12:56:04 -0500
Message-ID: <CAHBDyN4eEhEymzPGngUXZgB0sToZ_1ewA4iWAvZsyK9=nKSXPQ@mail.gmail.com>
To: Alanna Paloma <apaloma@amsl.com>
Cc: davidhancock.ietf@gmail.com, Jon Peterson <jon.peterson@neustar.biz>, Chris Wendt <chris-ietf@chriswendt.net>, RFC Editor <rfc-editor@rfc-editor.org>, Roman Danyliw <rdd@cert.org>, acme-ads@ietf.org, acme-chairs@ietf.org, "Salz, Rich" <rsalz@akamai.com>, auth48archive <auth48archive@rfc-editor.org>
Content-Type: multipart/alternative; boundary="0000000000004d32b506026d1452"
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/7pmCbPHkpq4RKcyAxjg3P4WkfQ4>
Subject: Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-acme-authority-token-tnauthlist-13> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Aug 2023 17:56:21 -0000
Hi Alanna, Thanks for the reminder. It looks good to me. Mary. On Tue, Aug 8, 2023 at 10:39 AM Alanna Paloma <apaloma@amsl.com> wrote: > David, Mary, and Jon, > > This is a friendly reminder that we await your reviews and approvals prior > to moving this document forward in the publication process. > > The files have been posted here (please refresh): > https://www.rfc-editor.org/authors/rfc9448.xml > https://www.rfc-editor.org/authors/rfc9448.txt > https://www.rfc-editor.org/authors/rfc9448.html > https://www.rfc-editor.org/authors/rfc9448.pdf > > The relevant diff files have been posted here: > https://www.rfc-editor.org/authors/rfc9448-diff.html (comprehensive diff) > https://www.rfc-editor.org/authors/rfc9448-auth48diff.html (AUTH48 > changes) > > For the AUTH48 status of this document, please see: > https://www.rfc-editor.org/auth48/rfc9448 > > Thank you, > RFC Editor/ap > > > On Aug 1, 2023, at 4:00 PM, Alanna Paloma <apaloma@amsl.com> wrote: > > > > Hi Chris, > > > > Thank you for your reply. Your approval has been noted on the AUTH48 > status page: > > https://www.rfc-editor.org/auth48/rfc9448 > > > > Once we have received approvals from David, Mary, and Jon, we will move > this document forward in the publication process. > > > > Best regards, > > RFC Editor/ap > > > >> On Aug 1, 2023, at 1:14 PM, Chris Wendt <chris-ietf@chriswendt.net> > wrote: > >> > >> Hi Alanna, > >> > >> I reviewed the changes and everything looks good to me. > >> > >> Thanks. > >> > >> -Chris > >> > >>> On Jul 28, 2023, at 7:33 PM, Alanna Paloma <apaloma@amsl.com> wrote: > >>> > >>> Hi Chris, > >>> > >>> Thank you for your reply. We have updated as requested. > >>> > >>>>> b) Throughout the text, "TNBlock" and "TN Block" appear to be used > >>>>> inconsistently. Please review these occurrences and let us know > if/how they > >>>>> may be made consistent. > >>>> > >>>> I would correct it with the following text: > >>>> Original > >>>> … with a particular set of different TN Blocks and/or TNs. > TNAuthList can be constructed to define a limited scope of the TNBlocks or > TNs either associated with an SPC or with the scope of TN Blocks or TNs the > client has authority over. > >>>> > >>>> Modified > >>>> … with a particular set of different telephone number ranges and/or > telephone numbers. TNAuthList can be constructed to define a limited scope > of the TelephoneNumberRanges or TelephoneNumbers [RFC8226] Section 9 either > associated with an SPC or with the scope of telephone number ranges or > telephone numbers the client has authority over. > >>>> > >>>> TN Block and telephone number range are essentially equivalent terms. > >>> > >>> The files have been updated with your modified text. In Section 5.7, > we have additionally updated “TNBlock” and “TNs" to be “telephone number > ranges” and “telephone numbers”, respectively. Please review and let us > know if further updates are necessary. > >>> > >>> Original: > >>> Because this specification specifically involves the TNAuthList > >>> defined in [RFC8226] which involves SPC, TNBlock, and individual TNs... > >>> > >>> Current: > >>> Because this specification specifically involves the TNAuthList > >>> defined in [RFC8226], which involves SPC, telephone number ranges, > >>> and individual telephone numbers... > >>> > >>> The files have been posted here (please refresh): > >>> https://www.rfc-editor.org/authors/rfc9448.xml > >>> https://www.rfc-editor.org/authors/rfc9448.txt > >>> https://www.rfc-editor.org/authors/rfc9448.html > >>> https://www.rfc-editor.org/authors/rfc9448.pdf > >>> > >>> The relevant diff files have been posted here: > >>> https://www.rfc-editor.org/authors/rfc9448-diff.html (comprehensive > diff) > >>> https://www.rfc-editor.org/authors/rfc9448-auth48diff.html (AUTH48 > changes) > >>> > >>> Please review the document carefully as documents do not change once > published as RFCs. > >>> > >>> We will await any further changes you may have and approvals from each > author prior to moving forward in the publication process. > >>> > >>> For the AUTH48 status of this document, please see: > >>> https://www.rfc-editor.org/auth48/rfc9448 > >>> > >>> Thank you, > >>> RFC Editor/ap > >>> > >>>> On Jul 26, 2023, at 8:53 AM, Chris Wendt <chris-ietf@chriswendt.net> > wrote: > >>>> > >>>> Inline: > >>>> > >>>>> On Jul 24, 2023, at 10:58 PM, rfc-editor@rfc-editor.org wrote: > >>>>> > >>>>> Authors, > >>>>> > >>>>> While reviewing this document during AUTH48, please resolve (as > necessary) the following questions, which are also in the XML file. > >>>>> > >>>>> 1) <!--[rfced] We note the profile name is expanded in Section 5. > >>>>> Would you like to expand it in the title and abstract as well, > >>>>> or leave it as simply "TNAuthList"? > >>>>> > >>>>> Original (Title): > >>>>> TNAuthList profile of ACME Authority Token > >>>>> > >>>>> Perhaps: > >>>>> Telephone Number Authorization List (TNAuthList) Profile > >>>>> of Automated Certificate Management Environment (ACME) Authority > Token > >>>>> > >>>>> > >>>>> Original (Abstract): > >>>>> ...using the TNAuthList defined by STI certificates. > >>>>> > >>>>> Perhaps: > >>>>> ... using the Telephone Number Authorization List (TNAuthList) > defined by > >>>>> STI certificates. > >>>>> --> > >>>> > >>>> I think i’d actually like to do the opposite and not expand it in > Section 5. > >>>> > >>>> So for Section 5: > >>>> > >>>> Original: > >>>> The Telephone Number Authority List Authority Token (TNAuthList > Authority Token) is a profile instance … > >>>> > >>>> Modified: > >>>> The TNAuthList Authority Token is a profile instance … > >>>> > >>>> My justification for that is that i looked at RFC8226 and TNAuthList > is just defined and never expanded. I’m up for discussion on that > conclusion, but i think that is probably the correct thing to do. > >>>> > >>>>> > >>>>> > >>>>> 2) <!--[rfced] Please clarify this sentence, in particular > >>>>> from "as per" onward. It doesn't parse. Is citing > >>>>> "[RFC8555]" as an adjective necessary? > >>>>> > >>>>> Original: > >>>>> The format of the string that represents the TNAuthList MUST be > >>>>> constructed using base64url encoding, as per [RFC8555] base64url > >>>>> encoding described in Section 5 of [RFC4648] according to the profile > >>>>> specified in JSON Web Signature in Section 2 of [RFC7515]. > >>>>> > >>>>> Perhaps: > >>>>> The string that represents the TNAuthList MUST be > >>>>> constructed using base64url encoding, as described in > >>>>> Section 5 of [RFC4648] and as defined in Section 2 > >>>>> of JSON Web Signature [RFC7515]. > >>>>> --> > >>>>> > >>>> > >>>> Yes, much cleaner > >>>> > >>>>> > >>>>> 3) <!--[rfced] Should it be "Telephone Number Authority List" or > >>>>> "Telephone Number Authorization List"? Both forms are used within > >>>>> this document. > >>>>> > >>>>> Original (Section 3): > >>>>> the TN Authorization List > >>>>> > >>>>> vs. > >>>>> > >>>>> Original (Section 5): > >>>>> The Telephone Number Authority List Authority Token (TNAuthList > >>>>> Authority Token) is a profile instance of ... > >>>>> --> > >>>> > >>>> Similar to answer for comment 1 above, we should only use TNAuthList > >>>> > >>>>> > >>>>> > >>>>> 4) <!--[rfced] Are these terms equivalent? If so, should Section 5.4 > >>>>> be updated to use the shorter form? > >>>>> > >>>>> Original (Section 3): > >>>>> the TNAuthList ASN.1 object > >>>>> > >>>>> vs. > >>>>> > >>>>> Original (Section 5.4): > >>>>> the TN Authorization List certificate extension ASN.1 object > >>>>> --> > >>>>> > >>>> > >>>> Yes please make Section 5.4 say “the TNAuthList certificate extension > ASN.1 object > >>>> > >>>>> > >>>>> 5) <!--[rfced] It does not appear that "Protected header" is defined > in RFC 9447. > >>>>> Please review and let us know if/how this citation should be > updated. Additionally, > >>>>> may we make "Protected" lowercase? > >>>>> > >>>>> Original: > >>>>> The TNAuthList Authority Token Protected header MUST comply with the > >>>>> Authority Token Protected header as defined in > >>>>> [I-D.ietf-acme-authority-token]. > >>>>> --> > >>>> > >>>> Protected header (and more specifically JWS Protected Header) is > originally defined in RFC7515. It does seem that whenever it’s referred to > in 7515 or related documents it is all capitalized. > >>>> That said, if I look at RFC8555 (ACME) it has both capitalized and > non-capitalized (without JWS prefix) references. > >>>> I think colloquially people generally say just “protected header”. > >>>> > >>>> We inherit the use of protected header through RFC8555 usage, so I > think the right reference is RFC8555 Section 6.2. > >>>> > >>>> You are correct that authority token draft focuses on “atc" as a new > identifier for inclusion in the protected header, but doesn’t mention > protected header other than showing an example. > >>>> > >>>> So, my proposed fix would be the following: > >>>> The TNAuthList Authority Token protected header MUST comply with > [RFC8555] Section 6.2 Request Authentication. > >>>> > >>>> The following paragraph includes the MUST for including “atc” which > is the authority token draft requirement being referred to. > >>>> > >>>> A second option would be to remove the sentence, it is perhaps > redundant since the MUST compliance with 8555 might be a bit redundant. > Feedback is welcome. > >>>> > >>>>> > >>>>> > >>>>> 6) <!--[rfced] We note that RFC 7231 does not contain a Section > 14.8. > >>>>> Also, RFC 7231 has been obsoleted by RFC 9110; may we replace this > >>>>> reference to RFC 7231 with one to RFC 9110? If so, please provide > >>>>> the accurate section number. > >>>>> > >>>>> Original: > >>>>> For example, an HTTP authorization header containing a > >>>>> valid authorization credentials as defined in [RFC7231] Section 14.8. > >>>>> --> > >>>>> > >>>> > >>>> Yes, RFC9110 Section 11.6.2 Authorization Header. > >>>> > >>>>> > >>>>> 7) <!--[rfced] In Section 6, are the steps listed meant to occur in > a specific order? > >>>>> Should the list be converted to a numbered list? > >>>>> --> > >>>>> > >>>> > >>>> Yes i think that would be appropriate. > >>>> > >>>>> > >>>>> 8) <!--[rfced] Should "JWS signature" be updated to simply "JWS" to > avoid redundancy > >>>>> (if expanded, "JWS signature" would read "JSON Web Signature > signature"). Please review > >>>>> and let us know if any updates are needed. > >>>>> > >>>>> Original: > >>>>> JSON Web Signature (JWS, [RFC7515]) objects can include an "x5u" > >>>>> header parameter to refer to a certificate that is used to validate > >>>>> the JWS signature. > >>>>> > >>>>> Perhaps: > >>>>> JSON Web Signature (JWS) [RFC7515] objects can include an "x5u" > >>>>> header parameter to refer to a certificate that is used to validate > >>>>> the JWS. > >>>>> --> > >>>> > >>>> RFC7515 Section 5.1 refers to JWS Signature as well. Basically a JWS > object contains a signature section and that is what we are referring to in > the last part of the sentence. So i think it’s correct as is. > >>>> > >>>>> > >>>>> > >>>>> 9) <!-- [rfced] In the reference below, the URL provided returns a > >>>>> "document not found" error. We have updated the URL as follows, > >>>>> and the other information accordingly. Please review and let us > >>>>> know any updates. > >>>>> > >>>>> Original: > >>>>> [ATIS-1000080] > >>>>> ATIS/SIP Forum NNI Task Group, "Signature-based Handling > >>>>> of Asserted information using toKENs (SHAKEN) Governance > >>>>> Model and Certificate Management > >>>>> <https://access.atis.org/apps/group_public/ > >>>>> download.php/32237/ATIS-1000080.pdf>", July 2017. > >>>>> > >>>>> Current: > >>>>> [ATIS-1000080] > >>>>> ATIS, "Signature-based Handling of Asserted information > >>>>> using toKENs (SHAKEN): Governance Model and Certificate > >>>>> Management", ATIS-1000080.v005, December 2022, > >>>>> <https://access.atis.org/apps/group_public/ > >>>>> download.php/69428/ATIS-1000080.v005.pdf>. > >>>>> --> > >>>>> > >>>> > >>>> Yes, this is an unfortunate thing with ATIS document links, but the > update is fine. An alternative would be to remove the URL and just refer > to the document. I am ok either way. > >>>> > >>>>> > >>>>> 10) <!--[rfced] Terminology > >>>>> > >>>>> a) We see that "CA" was expanded as both "certificate authority" > >>>>> (1 instance) and "certification authority". FYI, we have updated > >>>>> this term to the latter. (This matches the guidance received from > >>>>> experts in the past and matches usage in RFC 9447.) Please let us > >>>>> know if you object. > >>>>> > >>>>> Original: > >>>>> This section defines > >>>>> an optional mechanism for the Certificate Authority (CA) to host the > >>>>> certificate directly and provide a URL that the ACME client owner can > >>>>> directly reference in the "x5u" of their signed PASSporTs. > >>>>> > >>>>> Current: > >>>>> This section defines > >>>>> an optional mechanism for the certification authority (CA) to host > the > >>>>> certificate directly and provide a URL that the ACME client owner can > >>>>> directly reference in the "x5u" of their signed PASSporTs. > >>>> > >>>> Yes, certification authority is good. > >>>> > >>>>> > >>>>> b) Throughout the text, "TNBlock" and "TN Block" appear to be used > >>>>> inconsistently. Please review these occurrences and let us know > if/how they > >>>>> may be made consistent. > >>>> > >>>> I would correct it with the following text: > >>>> Original > >>>> … with a particular set of different TN Blocks and/or TNs. > TNAuthList can be constructed to define a limited scope of the TNBlocks or > TNs either associated with an SPC or with the scope of TN Blocks or TNs the > client has authority over. > >>>> > >>>> Modified > >>>> … with a particular set of different telephone number ranges and/or > telephone numbers. TNAuthList can be constructed to define a limited scope > of the TelephoneNumberRanges or TelephoneNumbers [RFC8226] Section 9 either > associated with an SPC or with the scope of telephone number ranges or > telephone numbers the client has authority over. > >>>> > >>>> TN Block and telephone number range are essentially equivalent terms. > >>>> > >>>>> > >>>>> c) FYI, we have added expansions for the following abbreviations > >>>>> per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review each > >>>>> expansion in the document carefully to ensure correctness. > >>>>> > >>>>> Certificate Signing Request (CSR) > >>>>> Personal Assertion Token (PASSporT) > >>>>> Signature-based Handling of Asserted information using ToKENs > (SHAKEN) > >>>>> Secure Telephone Identity Revisited (STIR) > >>>>> Voice over IP (VoIP) > >>>>> —> > >>>>> > >>>> > >>>> Yes those are correct. > >>>> > >>>>> > >>>>> 11) <!--[rfced] Please review the "Inclusive Language" portion of > the online > >>>>> Style Guide < > https://www.rfc-editor.org/styleguide/part2/#inclusive_language> > >>>>> and let us know if any changes are needed. > >>>>> > >>>>> Note that our script did not flag any words in particular, but this > should still > >>>>> be reviewed as a best practice. > >>>>> --> > >>>> > >>>> Reviewed and didn’t find anything. > >>>> > >>>>> > >>>>> > >>>>> Thank you. > >>>>> > >>>>> RFC Editor/ar/ap > >>>>> > >>>>> > >>>>> On Jul 24, 2023, rfc-editor@rfc-editor.org wrote: > >>>>> > >>>>> *****IMPORTANT***** > >>>>> > >>>>> Updated 2023/07/24 > >>>>> > >>>>> RFC Author(s): > >>>>> -------------- > >>>>> > >>>>> Instructions for Completing AUTH48 > >>>>> > >>>>> Your document has now entered AUTH48. Once it has been reviewed and > >>>>> approved by you and all coauthors, it will be published as an RFC. > >>>>> If an author is no longer available, there are several remedies > >>>>> available as listed in the FAQ (https://www.rfc-editor.org/faq/). > >>>>> > >>>>> You and you coauthors are responsible for engaging other parties > >>>>> (e.g., Contributors or Working Group) as necessary before providing > >>>>> your approval. > >>>>> > >>>>> Planning your review > >>>>> --------------------- > >>>>> > >>>>> Please review the following aspects of your document: > >>>>> > >>>>> * RFC Editor questions > >>>>> > >>>>> Please review and resolve any questions raised by the RFC Editor > >>>>> that have been included in the XML file as comments marked as > >>>>> follows: > >>>>> > >>>>> <!-- [rfced] ... --> > >>>>> > >>>>> These questions will also be sent in a subsequent email. > >>>>> > >>>>> * Changes submitted by coauthors > >>>>> > >>>>> Please ensure that you review any changes submitted by your > >>>>> coauthors. We assume that if you do not speak up that you > >>>>> agree to changes submitted by your coauthors. > >>>>> > >>>>> * Content > >>>>> > >>>>> Please review the full content of the document, as this cannot > >>>>> change once the RFC is published. Please pay particular attention > to: > >>>>> - IANA considerations updates (if applicable) > >>>>> - contact information > >>>>> - references > >>>>> > >>>>> * Copyright notices and legends > >>>>> > >>>>> Please review the copyright notice and legends as defined in > >>>>> RFC 5378 and the Trust Legal Provisions > >>>>> (TLP – https://trustee.ietf.org/license-info/). > >>>>> > >>>>> * Semantic markup > >>>>> > >>>>> Please review the markup in the XML file to ensure that elements of > >>>>> content are correctly tagged. For example, ensure that <sourcecode> > >>>>> and <artwork> are set correctly. See details at > >>>>> <https://authors.ietf.org/rfcxml-vocabulary>. > >>>>> > >>>>> * Formatted output > >>>>> > >>>>> Please review the PDF, HTML, and TXT files to ensure that the > >>>>> formatted output, as generated from the markup in the XML file, is > >>>>> reasonable. Please note that the TXT will have formatting > >>>>> limitations compared to the PDF and HTML. > >>>>> > >>>>> > >>>>> Submitting changes > >>>>> ------------------ > >>>>> > >>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as > all > >>>>> the parties CCed on this message need to see your changes. The > parties > >>>>> include: > >>>>> > >>>>> * your coauthors > >>>>> > >>>>> * rfc-editor@rfc-editor.org (the RPC team) > >>>>> > >>>>> * other document participants, depending on the stream (e.g., > >>>>> IETF Stream participants are your working group chairs, the > >>>>> responsible ADs, and the document shepherd). > >>>>> > >>>>> * auth48archive@rfc-editor.org, which is a new archival mailing > list > >>>>> to preserve AUTH48 conversations; it is not an active discussion > >>>>> list: > >>>>> > >>>>> * More info: > >>>>> > https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc > >>>>> > >>>>> * The archive itself: > >>>>> https://mailarchive.ietf.org/arch/browse/auth48archive/ > >>>>> > >>>>> * Note: If only absolutely necessary, you may temporarily opt out > >>>>> of the archiving of messages (e.g., to discuss a sensitive matter). > >>>>> If needed, please add a note at the top of the message that you > >>>>> have dropped the address. When the discussion is concluded, > >>>>> auth48archive@rfc-editor.org will be re-added to the CC list and > >>>>> its addition will be noted at the top of the message. > >>>>> > >>>>> You may submit your changes in one of two ways: > >>>>> > >>>>> An update to the provided XML file > >>>>> — OR — > >>>>> An explicit list of changes in this format > >>>>> > >>>>> Section # (or indicate Global) > >>>>> > >>>>> OLD: > >>>>> old text > >>>>> > >>>>> NEW: > >>>>> new text > >>>>> > >>>>> You do not need to reply with both an updated XML file and an > explicit > >>>>> list of changes, as either form is sufficient. > >>>>> > >>>>> We will ask a stream manager to review and approve any changes that > seem > >>>>> beyond editorial in nature, e.g., addition of new text, deletion of > text, > >>>>> and technical changes. Information about stream managers can be > found in > >>>>> the FAQ. Editorial changes do not require approval from a stream > manager. > >>>>> > >>>>> > >>>>> Approving for publication > >>>>> -------------------------- > >>>>> > >>>>> To approve your RFC for publication, please reply to this email > stating > >>>>> that you approve this RFC for publication. Please use ‘REPLY ALL’, > >>>>> as all the parties CCed on this message need to see your approval. > >>>>> > >>>>> > >>>>> Files > >>>>> ----- > >>>>> > >>>>> The files are available here: > >>>>> https://www.rfc-editor.org/authors/rfc9448.xml > >>>>> https://www.rfc-editor.org/authors/rfc9448.html > >>>>> https://www.rfc-editor.org/authors/rfc9448.pdf > >>>>> https://www.rfc-editor.org/authors/rfc9448.txt > >>>>> > >>>>> Diff file of the text: > >>>>> https://www.rfc-editor.org/authors/rfc9448-diff.html > >>>>> https://www.rfc-editor.org/authors/rfc9448-rfcdiff.html (side by > side) > >>>>> > >>>>> Diff of the XML: > >>>>> https://www.rfc-editor.org/authors/rfc9448-xmldiff1.html > >>>>> > >>>>> The following files are provided to facilitate creation of your own > >>>>> diff files of the XML. > >>>>> > >>>>> Initial XMLv3 created using XMLv2 as input: > >>>>> https://www.rfc-editor.org/authors/rfc9448.original.v2v3.xml > >>>>> > >>>>> XMLv3 file that is a best effort to capture v3-related format > updates > >>>>> only: > >>>>> https://www.rfc-editor.org/authors/rfc9448.form.xml > >>>>> > >>>>> > >>>>> Tracking progress > >>>>> ----------------- > >>>>> > >>>>> The details of the AUTH48 status of your document are here: > >>>>> https://www.rfc-editor.org/auth48/rfc9448 > >>>>> > >>>>> Please let us know if you have any questions. > >>>>> > >>>>> Thank you for your cooperation, > >>>>> > >>>>> RFC Editor > >>>>> > >>>>> -------------------------------------- > >>>>> RFC9448 (draft-ietf-acme-authority-token-tnauthlist-13) > >>>>> > >>>>> Title : TNAuthList profile of ACME Authority Token > >>>>> Author(s) : C. Wendt, D. Hancock, M. Barnes, J. Peterson > >>>>> WG Chair(s) : Deb Cooley, Deb Cooley, Yoav Nir > >>>>> Area Director(s) : Roman Danyliw, Paul Wouters > >>> > >> > > > >
- [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-acme-… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Chris Wendt
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Chris Wendt
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Mary Barnes
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… David Hancock
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… David Hancock
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Peterson, Jon
- Re: [auth48] AUTH48: RFC-to-be 9448 <draft-ietf-a… Alanna Paloma