Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-acme-authority-token-09> for your review

[David Hancock <davidhancock.ietf@gmail.com>]

The text file still shows my company affiliation as "Comcast". But I assume
that's a glitch, since the pdf and html files show the correct affiliation.
So I approve the document for publication.

Thanks,
David

On Mon, Aug 21, 2023 at 4:13 PM Alanna Paloma <apaloma@amsl.com> wrote:

> Hi Chris and David,
>
> Thank you for your replies. We have noted Chris’s approval on the AUTH48
> status page and updated David’s company affiliation accordingly.
>
> The files are available here:
> https://www.rfc-editor.org/authors/rfc9447.xml
> https://www.rfc-editor.org/authors/rfc9447.txt
> https://www.rfc-editor.org/authors/rfc9447.pdf
> https://www.rfc-editor.org/authors/rfc9447.html
>
> The relevant diff files have been posted here:
>  https://www.rfc-editor.org/authors/rfc9447-diff.html (comprehensive diff)
>  https://www.rfc-editor.org/authors/rfc9447-auth48diff.html (AUTH48
> changes)
>  https://www.rfc-editor.org/authors/rfc9447-lastdiff.html (last version
> to this one)
>
> We will await approvals from David and John before continuing with the
> publication process.
>
> For the AUTH48 status of this document, please see:
> https://www.rfc-editor.org/auth48/rfc9447
>
> Thank you,
> RFC Editor/ap
>
> > On Aug 21, 2023, at 12:27 PM, David Hancock <davidhancock.ietf@gmail.com>
> wrote:
> >
> > Please update my company affiliation from Comcast to Somos Inc. in two
> places...
> >
> >  ---
> > On title page, authors list:
> > OLD:
> >   D. Hancock
> >   Comcast
> >   C. Wendt
> >   Somos
> >
> > NEW:
> >   D. Hancock
> >   C.Wendt
> >   Somos
> >
> > On the last page, list of Authors' Addresses
> > OLD:
> >    David Hancock
> >    Comcast
> >    Email: davidhancock.ietf@gmail.com
> >
> > NEW:
> >    David Hancock
> >    Somos
> >    Email: davidhancock.ietf@gmail.com
> > ---
> > Thanks,
> > David
> >
> >
> > On Mon, Aug 21, 2023 at 12:29 PM Chris Wendt <chris-ietf@chriswendt.net>
> wrote:
> > Everything looks good, i approve.
> >
> > > On Aug 21, 2023, at 1:27 PM, Alanna Paloma <apaloma@amsl.com> wrote:
> > >
> > > Hi John, David, and Chris,
> > >
> > > This is a friendly reminder that we await you reviews and approvals
> before continuing with the publication process.
> > >
> > > Additionally, please let us know if/how you would like the “type”
> attribute set for the <sourcecode> elements in this document:
> > >>> 6) <!--[rfced] Please review the "type" attribute of each sourcecode
> element
> > >>> in the XML file to ensure correctness. If the current list of
> preferred
> > >>> values for "type" (
> https://www.rfc-editor.org/materials/sourcecode-types.txt)
> > >>> does not contain an applicable type, then feel free to let us
> > >>> know. Also, it is acceptable to leave the "type" attribute not set.
> > >>> -->
> > >>>
> > >>> <JFP> I’m not aware I’m using sourcecode as an element in the XML.
> These are all figure/artwork blocks.
> > >>
> > >> Currently, there are 3 instances of the <sourcecode> element in this
> document:
> > >> https://www.rfc-editor.org/authors/rfc9447.html#section-4-6
> > >> https://www.rfc-editor.org/authors/rfc9447.html#section-4-8
> > >> https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2
> > >>
> > >> For background, "The <artwork> element should not be used for source
> code and formal languages, the <sourcecode> element should be used
> instead.” (https://authors.ietf.org/en/rfcxml-vocabulary#artwork).
> <sourcecode> is used to contain code that compiles or does not; it can be
> one of the preferred “type" values or no type at all. Please review and let
> us know if/how you would like the “type” attribute set.
> > >
> > > The files are available here:
> > > https://www.rfc-editor.org/authors/rfc9447.xml
> > > https://www.rfc-editor.org/authors/rfc9447.txt
> > > https://www.rfc-editor.org/authors/rfc9447.pdf
> > > https://www.rfc-editor.org/authors/rfc9447.html
> > >
> > > AUTH48 diff:
> > > https://www.rfc-editor.org/authors/rfc9447-auth48diff.html
> > >
> > > Comprehensive diffs:
> > > https://www.rfc-editor.org/authors/rfc9447-diff.html
> > > https://www.rfc-editor.org/authors/rfc9447-rfcdiff.html
> > >
> > > For the AUTH48 status of this document, please see:
> > > https://www.rfc-editor.org/auth48/rfc9447
> > >
> > > Thank you,
> > > RFC Editor/ap
> > >
> > >
> > >> On Aug 14, 2023, at 9:58 AM, Alanna Paloma <apaloma@amsl.com> wrote:
> > >>
> > >> Hi Roman,
> > >>
> > >> Thank you for your reply. Your approval has been noted on the AUTH48
> status page:
> > >> https://www.rfc-editor.org/auth48/rfc9447
> > >>
> > >> Best regards,
> > >> RFC Editor/ap
> > >>
> > >>> On Aug 14, 2023, at 9:13 AM, Roman Danyliw <rdd@cert.org> wrote:
> > >>>
> > >>> Hi!
> > >>>
> > >>> Approved.
> > >>>
> > >>> Thanks,
> > >>> Roman
> > >>>
> > >>>> -----Original Message-----
> > >>>> From: Alanna Paloma <apaloma@amsl.com>
> > >>>> Sent: Friday, August 11, 2023 12:21 PM
> > >>>> To: Roman Danyliw <rdd@cert.org>; Peterson, Jon
> > >>>> <Jon.Peterson@transunion.com>; davidhancock.ietf@gmail.com; chris-
> > >>>> ietf@chriswendt.net
> > >>>> Cc: Mary Barnes <mary.ietf.barnes@gmail.com>; acme-ads@ietf.org;
> acme-
> > >>>> chairs@ietf.org; auth48archive@rfc-editor.org;
> jon.peterson@team.neustar;
> > >>>> rfc-editor@rfc-editor.org; rsalz@akamai.com
> > >>>> Subject: Re: [AD] AUTH48: RFC-to-be 9447
> <draft-ietf-acme-authority-token-
> > >>>> 09> for your review
> > >>>>
> > >>>> Jon, David, Chris, and Roman*,
> > >>>>
> > >>>> *Roman (AD) - This is a friendly reminder that we await your review
> and
> > >>>> approval of the changes to the RFC 2119/8174 keywords in Sections 4
> and 7
> > >>>> and the removal of RFCs 3986 and 4648 from the Normative References
> > >>>> section. These updates can be seen in this diff file:
> > >>>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html
> > >>>>
> > >>>> Authors - Please let us know if/how you would like the “type”
> attribute set for
> > >>>> the <sourcecode> elements in this document:
> > >>>>>> 6) <!--[rfced] Please review the "type" attribute of each
> sourcecode
> > >>>>>> element in the XML file to ensure correctness. If the current
> list of
> > >>>>>> preferred values for "type"
> > >>>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt)
> > >>>>>> does not contain an applicable type, then feel free to let us
> know.
> > >>>>>> Also, it is acceptable to leave the "type" attribute not set.
> > >>>>>> -->
> > >>>>>>
> > >>>>>> <JFP> I’m not aware I’m using sourcecode as an element in the
> XML. These
> > >>>> are all figure/artwork blocks.
> > >>>>>
> > >>>>> Currently, there are 3 instances of the <sourcecode> element in
> this
> > >>>> document:
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-6
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-8
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2
> > >>>>>
> > >>>>> For background, "The <artwork> element should not be used for
> source code
> > >>>> and formal languages, the <sourcecode> element should be used
> instead.”
> > >>>> (https://authors.ietf.org/en/rfcxml-vocabulary#artwork).
> <sourcecode> is used
> > >>>> to contain code that compiles or does not; it can be one of the
> preferred “type"
> > >>>> values or no type at all. Please review and let us know if/how you
> would like
> > >>>> the “type” attribute set.
> > >>>>
> > >>>>
> > >>>> We will await any further changes as well approvals from Jon,
> David, Chris, and
> > >>>> *Roman prior to moving forward in the publication process.
> > >>>>
> > >>>> The files are available here:
> > >>>> https://www.rfc-editor.org/authors/rfc9447.xml
> > >>>> https://www.rfc-editor.org/authors/rfc9447.txt
> > >>>> https://www.rfc-editor.org/authors/rfc9447.pdf
> > >>>> https://www.rfc-editor.org/authors/rfc9447.html
> > >>>>
> > >>>> AUTH48 diff:
> > >>>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html
> > >>>>
> > >>>> Comprehensive diffs:
> > >>>> https://www.rfc-editor.org/authors/rfc9447-diff.html
> > >>>> https://www.rfc-editor.org/authors/rfc9447-rfcdiff.html
> > >>>>
> > >>>> For the AUTH48 status of this document, please see:
> > >>>> https://www.rfc-editor.org/auth48/rfc9447
> > >>>>
> > >>>> Thank you,
> > >>>> RFC Editor/ap
> > >>>>
> > >>>>> On Aug 4, 2023, at 8:56 AM, Alanna Paloma <apaloma@amsl.com>
> wrote:
> > >>>>>
> > >>>>> Hi Jon, Mary, and Roman*
> > >>>>>
> > >>>>> *Roman (AD) - Please review and approve of the changes to the RFC
> > >>>> 2119/8174 keywords in Sections 4 and 7 and the removal of RFCs 3986
> and
> > >>>> 4648 from the Normative References section. These updates can be
> seen in this
> > >>>> diff file:
> > >>>>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html
> > >>>>>
> > >>>>> Authors - Thank you for your replies. We have updated the files
> accordingly.
> > >>>> Mary’s approval has been noted on the AUTH48 status page, and we
> assume
> > >>>> her assent to changes from the other coauthors unless we hear
> otherwise.
> > >>>>>
> > >>>>>> 6) <!--[rfced] Please review the "type" attribute of each
> sourcecode
> > >>>>>> element in the XML file to ensure correctness. If the current
> list of
> > >>>>>> preferred values for "type"
> > >>>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt)
> > >>>>>> does not contain an applicable type, then feel free to let us
> know.
> > >>>>>> Also, it is acceptable to leave the "type" attribute not set.
> > >>>>>> -->
> > >>>>>>
> > >>>>>> <JFP> I’m not aware I’m using sourcecode as an element in the
> XML. These
> > >>>> are all figure/artwork blocks.
> > >>>>>
> > >>>>> Currently, there are 3 instances of the <sourcecode> element in
> this
> > >>>> document:
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-6
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-8
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2
> > >>>>>
> > >>>>> For background, "The <artwork> element should not be used for
> source code
> > >>>> and formal languages, the <sourcecode> element should be used
> instead.”
> > >>>> (https://authors.ietf.org/en/rfcxml-vocabulary#artwork).
> <sourcecode> is used
> > >>>> to contain code that compiles or does not; it can be one of the
> preferred “type"
> > >>>> values or no type at all. Please review and let us know if/how you
> would like
> > >>>> the “type” attribute set.
> > >>>>>
> > >>>>> The files have been posted here (please refresh):
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.xml
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.txt
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.html
> > >>>>> https://www.rfc-editor.org/authors/rfc9447.pdf
> > >>>>>
> > >>>>> The relevant diff files have been posted here:
> > >>>>> https://www.rfc-editor.org/authors/rfc9447-diff.html
> (comprehensive
> > >>>>> diff) https://www.rfc-editor.org/authors/rfc9447-auth48diff.html
> > >>>>> (AUTH48 changes)
> > >>>>>
> > >>>>> Please review the document carefully and contact us with any
> further
> > >>>> updates you may have.  Note that we do not make changes once a
> document is
> > >>>> published as an RFC.
> > >>>>>
> > >>>>> We will await approvals from Jon, David, Chris, and *Roman (AD)
> prior to
> > >>>> moving this document forward in the publication process.
> > >>>>>
> > >>>>> For the AUTH48 status of this document, please see:
> > >>>>> https://www.rfc-editor.org/auth48/rfc9447
> > >>>>>
> > >>>>> Thank you,
> > >>>>> RFC Editor/ap
> > >>>>>
> > >>>>>> On Aug 3, 2023, at 10:39 AM, Mary Barnes <
> mary.ietf.barnes@gmail.com>
> > >>>> wrote:
> > >>>>>>
> > >>>>>> I think the document is fine with consideration of Jon’s comments.
> > >>>>>>
> > >>>>>> Mary
> > >>>>>>
> > >>>>>> On Thu, Aug 3, 2023 at 7:26 AM Peterson, Jon
> > >>>> <Jon.Peterson@transunion.com> wrote:
> > >>>>>> Please see my responses marked as <JFP> below. Thanks!
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> From: rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org>
> > >>>>>> Date: Tuesday, July 25, 2023 at 1:56 AM
> > >>>>>> To: jon.peterson@team.neustar <jon.peterson@team.neustar>,
> > >>>>>> mary.ietf.barnes@gmail.com <mary.ietf.barnes@gmail.com>,
> > >>>>>> davidhancock.ietf@gmail.com <davidhancock.ietf@gmail.com>,
> > >>>>>> chris-ietf@chriswendt.net <chris-ietf@chriswendt.net>
> > >>>>>> Cc: rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org>,
> > >>>>>> acme-ads@ietf.org <acme-ads@ietf.org>, acme-chairs@ietf.org
> > >>>>>> <acme-chairs@ietf.org>, rsalz@akamai.com <rsalz@akamai.com>,
> > >>>>>> rdd@cert.org <rdd@cert.org>, auth48archive@rfc-editor.org
> > >>>>>> <auth48archive@rfc-editor.org>
> > >>>>>> Subject: Re: AUTH48: RFC-to-be 9447
> > >>>>>> <draft-ietf-acme-authority-token-09> for your review
> > >>>>>>
> > >>>>>> Authors,
> > >>>>>>
> > >>>>>> While reviewing this document during AUTH48, please resolve (as
> > >>>> necessary) the following questions, which are also in the XML file.
> > >>>>>>
> > >>>>>> 1) <!--[rfced] Please note the the title of the document has been
> updated as
> > >>>> follows.
> > >>>>>> The abbreviation has been expanded per Section 3.6 of RFC 7322
> ("RFC Style
> > >>>> Guide").
> > >>>>>> Please review.
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> ACME Challenges Using an Authority Token
> > >>>>>>
> > >>>>>> Current:
> > >>>>>> Automated Certificate Management Environment (ACME) Challenges
> Using
> > >>>>>> an Authority Token
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 2) <!--[rfced] For clarity, should "Authority" be "Token
> Authority" here?
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> For example, imagine a case where an Authority for DNS names knows
> > >>>>>> that a client is eligible to receive certificates for
> > >>>> "https://urldefense.proofpoint.com/v2/url?u=http-
> > >>>> 3A__example.com&d=DwIFaQ&c=7gn0PlAmraV3zr-
> > >>>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N
> > >>>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D
> > >>>> moqBuqfP-&s=FSP3n0qEZdE4lnN1EPjigIr1blbyoY7QMUl1ZNCvZpQ&e= "
> > >>>>>> and "https://urldefense.proofpoint.com/v2/url?u=http-
> > >>>> 3A__example.net&d=DwIFaQ&c=7gn0PlAmraV3zr-
> > >>>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N
> > >>>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D
> > >>>> moqBuqfP-&s=4D7dUBWOxRL7tTWU2ITbtLplCX7E9Qd3UwLDnUwylWo&e= ".
> > >>>>>>
> > >>>>>> Perhaps:
> > >>>>>> For example, imagine a case where a Token Authority for DNS names
> > >>>> knows
> > >>>>>> that a client is eligible to receive certificates for
> > >>>> "https://urldefense.proofpoint.com/v2/url?u=http-
> > >>>> 3A__example.com&d=DwIFaQ&c=7gn0PlAmraV3zr-
> > >>>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N
> > >>>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D
> > >>>> moqBuqfP-&s=FSP3n0qEZdE4lnN1EPjigIr1blbyoY7QMUl1ZNCvZpQ&e= "
> > >>>>>> and "https://urldefense.proofpoint.com/v2/url?u=http-
> > >>>> 3A__example.net&d=DwIFaQ&c=7gn0PlAmraV3zr-
> > >>>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N
> > >>>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D
> > >>>> moqBuqfP-&s=4D7dUBWOxRL7tTWU2ITbtLplCX7E9Qd3UwLDnUwylWo&e= ".
> > >>>>>>
> > >>>>>> <JFP> OK. Below is not correct.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> Similarly (for the reverse), should "Token" be "Authority Token"
> here?
> > >>>>>> Or, perhaps using just one word was intended to mitigate
> confusion?
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> ...an ACME server can use the
> > >>>>>> binding to determine that a Token presented by a client was in
> fact
> > >>>>>> granted by the Token Authority based on a request from the client,
> > >>>>>> and not from some other entity.
> > >>>>>>
> > >>>>>> Perhaps:
> > >>>>>> ...an ACME server can use the
> > >>>>>> binding to determine that an Authority Token presented by a
> client was in
> > >>>> fact
> > >>>>>> granted by the Token Authority based on a request from the client,
> > >>>>>> and not from some other entity.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> 3) <!--[rfced] As "OPTIONALLY" is not a key word that appears in
> RFC
> > >>>>>> 2119, may this sentence be rephrased to use "OPTIONAL"?
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> For this ACME Authority Token usage of JWT, the payload of the JWT
> > >>>>>> OPTIONALLY contain an "iss" indicating the Token Authority that
> > >>>>>> generated the token, if the "x5u" or "x5c" element in the header
> does
> > >>>>>> not already convey that information...
> > >>>>>>
> > >>>>>> Perhaps:
> > >>>>>> For this ACME Authority Token usage of JWT, it is OPTIONAL for the
> > >>>>>> payload of the JWT to contain an "iss" indicating the Token
> Authority that
> > >>>>>> generated the token if the "x5u" or "x5c" element in the header
> does
> > >>>>>> not already convey that information...
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 4) <!--[rfced] We note that RFC 8226 does not contain mention of
> "tkvalue".
> > >>>>>> Please review and let us know if/how this citation should be
> updated.
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> Following the example of
> [I-D.ietf-acme-authority-token-tnauthlist],
> > >>>>>> the "tktype" identifier type could be the TNAuthList, with a
> > >>>>>> "tkvalue" as defined in [RFC8226] that the Token Authority is
> > >>>>>> attesting.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> Good catch. We’re not saying that the “tkvalue” element is
> defined in
> > >>>> RFC8226, but that the value of the “tkvalue” element is a
> TNAuthList has
> > >>>> defiend in RFC8226. So maybe:
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> The “tktype” identifier type could be the TNAuthList (as defined
> in
> > >>>> [RFC8226]), which would be the value for the “tkvalue” element that
> the Token
> > >>>> Authority is attesting.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 5) <!--[rfced] In Section 4, the following lines in sourcecode
> > >>>>>> exceeded the 69-character limit. Line breaks have been added as
> > >>>>>> follows; please review and let us know if these lines should
> appear in a
> > >>>> different manner.
> > >>>>>>
> > >>>>>> Original (lines 407 and 408):
> > >>>>>>
> > >>>>
> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==","fingerprint":
> > >>>>>>  "SHA256
> > >>>> 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:BA:B9:19:81:F8:50:
> > >>>>>>  9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"}
> > >>>>>>
> > >>>>>> Current:
> > >>>>>>  "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==",
> > >>>>>>  "fingerprint":"SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:
> > >>>>>>  BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"}
> > >>>>>>
> > >>>>>>
> > >>>>>> Original (lines 424 and 425):
> > >>>>>>
> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==","ca":true,
> > >>>>>> "fingerprint":"SHA256
> > >>>> 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:BA:B9:19:81:F8:50:
> > >>>>>> 9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} }
> > >>>>>>
> > >>>>>> Current:
> > >>>>>> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==",
> > >>>>>> "ca":true,"fingerprint":"SHA256
> 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:
> > >>>>>> 71:D3:BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} }
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 6) <!--[rfced] Please review the "type" attribute of each
> sourcecode
> > >>>>>> element in the XML file to ensure correctness. If the current
> list of
> > >>>>>> preferred values for "type"
> > >>>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt)
> > >>>>>> does not contain an applicable type, then feel free to let us
> know.
> > >>>>>> Also, it is acceptable to leave the "type" attribute not set.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> I’m not aware I’m using sourcecode as an element in the
> XML. These
> > >>>> are all figure/artwork blocks.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 7) <!-- [rfced] RFC 7231 has been obsoleted by RFC 9110.  May we
> > >>>>>> replace RFC 7231 with RFC 9110 in this sentence?
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> In order to request an Authority Token from a Token Authority, a
> > >>>>>> client sends a HTTPS POST request [RFC7231] .
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 8) <!--[rfced] Per RFCs 2119 and 8174, may we update "SHOULD not"
> to
> > >>>> "SHOULD NOT"
> > >>>>>> in the sentence below?
> > >>>>>>
> > >>>>>> Original:
> > >>>>>> ACME services relying
> > >>>>>> on Authority Tokens SHOULD not issue certificates with a longer
> > >>>>>> expiry than the expiry of the Authority Token.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 9) <!--[rfced] The following references are not cited in the text.
> > >>>>>> Please let us know where they should be cited or if these
> references
> > >>>>>> should be deleted from the References section.
> > >>>>>>
> > >>>>>> [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter,
> "Uniform
> > >>>>>>           Resource Identifier (URI): Generic Syntax", STD 66,
> > >>>>>>           RFC 3986, DOI 10.17487/RFC3986, January 2005,
> > >>>>>>           <https://urldefense.com/v3/__https://www.rfc-
> > >>>>
> editor.org/info/rfc3986__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb
> > >>>> 08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGkYIcdPQ$
> > >>>>> .
> > >>>>>>
> > >>>>>> [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
> > >>>>>>           Encodings", RFC 4648, DOI 10.17487/RFC4648, October
> 2006,
> > >>>>>>           <https://urldefense.com/v3/__https://www.rfc-
> > >>>>
> editor.org/info/rfc4648__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb
> > >>>> 08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSH2BxuGBg$
> > >>>>> .
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> Um, I suppose we don’t need those cited.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 10) <!--[rfced] Throughout the text, "ACME Identifier Type", "ACME
> > >>>>>> Identifier type", and "ACME identifier type" appear were used
> > >>>>>> inconsistently. We have updated all occurrences to capitalized,
> i.e., "ACME
> > >>>> Identifier Type".
> > >>>>>> Please review and let us know if you prefer otherwise.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> I only see one instance of that construction where “type” is
> > >>>> uncapitalized in the -09 XML source (and none where “identifier” is
> > >>>> uncapitalized in that construction), but forcing capitalization is
> fine.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 11) <!-- [rfced] FYI - We have added expansions for the following
> > >>>>>> abbreviations per Section 3.6 of RFC 7322 ("RFC Style Guide").
> Please
> > >>>>>> review each expansion in the document carefully to ensure
> correctness.
> > >>>>>>
> > >>>>>> JSON Web Signature (JWS)
> > >>>>>> Telephone Number Authorization List (TNAuthList)
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> 12) <!-- [rfced] Please review the "Inclusive Language" portion of
> > >>>>>> the online Style Guide
> > >>>>>> <https://urldefense.com/v3/__https://www.rfc-
> > >>>>
> editor.org/styleguide/part2/*inclusive_language__;Iw!!N14HnBHF!57eJm6xYZh
> > >>>> vvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-
> > >>>> PWy14m14Ao11d1hY5bSHw1FLyNA$ > and let us know if any changes are
> > >>>> needed.
> > >>>>>>
> > >>>>>> Note that our script did not flag any words in particular, but
> this
> > >>>>>> should still be reviewed as a best practice.
> > >>>>>> -->
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> OK.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> Thank you.
> > >>>>>>
> > >>>>>>
> > >>>>>> <JFP> Thanks!
> > >>>>>>
> > >>>>>>
> > >>>>>> RFC Editor/ar/ar
> > >>>>>>
> > >>>>>>
> > >>>>>> On Jul 24, 2023, rfc-editor@rfc-editor.org wrote:
> > >>>>>>
> > >>>>>> *****IMPORTANT*****
> > >>>>>>
> > >>>>>> Updated 2023/07/24
> > >>>>>>
> > >>>>>> RFC Author(s):
> > >>>>>> --------------
> > >>>>>>
> > >>>>>> Instructions for Completing AUTH48
> > >>>>>>
> > >>>>>> Your document has now entered AUTH48.  Once it has been reviewed
> and
> > >>>>>> approved by you and all coauthors, it will be published as an RFC.
> > >>>>>> If an author is no longer available, there are several remedies
> > >>>>>> available as listed in the FAQ (https://www.rfc-editor.org/faq).
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> You and you coauthors are responsible for engaging other parties
> > >>>>>> (e.g., Contributors or Working Group) as necessary before
> providing
> > >>>>>> your approval.
> > >>>>>>
> > >>>>>> Planning your review
> > >>>>>> ---------------------
> > >>>>>>
> > >>>>>> Please review the following aspects of your document:
> > >>>>>>
> > >>>>>> *  RFC Editor questions
> > >>>>>>
> > >>>>>> Please review and resolve any questions raised by the RFC Editor
> > >>>>>> that have been included in the XML file as comments marked as
> > >>>>>> follows:
> > >>>>>>
> > >>>>>> <!-- [rfced] ... -->
> > >>>>>>
> > >>>>>> These questions will also be sent in a subsequent email.
> > >>>>>>
> > >>>>>> *  Changes submitted by coauthors
> > >>>>>>
> > >>>>>> Please ensure that you review any changes submitted by your
> > >>>>>> coauthors.  We assume that if you do not speak up that you  agree
> to
> > >>>>>> changes submitted by your coauthors.
> > >>>>>>
> > >>>>>> *  Content
> > >>>>>>
> > >>>>>> Please review the full content of the document, as this cannot
> > >>>>>> change once the RFC is published.  Please pay particular
> attention to:
> > >>>>>> - IANA considerations updates (if applicable)
> > >>>>>> - contact information
> > >>>>>> - references
> > >>>>>>
> > >>>>>> *  Copyright notices and legends
> > >>>>>>
> > >>>>>> Please review the copyright notice and legends as defined in  RFC
> > >>>>>> 5378 and the Trust Legal Provisions
> > >>>>>>
> > >>>>>> (TLP –
> https://urldefense.com/v3/__https://trustee.ietf.org/license-
> > >>>> info/__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj
> > >>>> GflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSE9Ks8eAw$ ).
> > >>>>>>
> > >>>>>> *  Semantic markup
> > >>>>>>
> > >>>>>> Please review the markup in the XML file to ensure that elements
> of
> > >>>>>> content are correctly tagged.  For example, ensure that
> <sourcecode>
> > >>>>>> and <artwork> are set correctly.  See details at
> > >>>>>> <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml-
> > >>>> vocabulary__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Z
> > >>>> fvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSH6ck1Vaw$ >.
> > >>>>>>
> > >>>>>> *  Formatted output
> > >>>>>>
> > >>>>>> Please review the PDF, HTML, and TXT files to ensure that the
> > >>>>>> formatted output, as generated from the markup in the XML file, is
> > >>>>>> reasonable.  Please note that the TXT will have formatting
> > >>>>>> limitations compared to the PDF and HTML.
> > >>>>>>
> > >>>>>>
> > >>>>>> Submitting changes
> > >>>>>> ------------------
> > >>>>>>
> > >>>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as
> > >>>>>> all the parties CCed on this message need to see your changes. The
> > >>>>>> parties
> > >>>>>> include:
> > >>>>>>
> > >>>>>> *  your coauthors
> > >>>>>>
> > >>>>>> *  rfc-editor@rfc-editor.org (the RPC team)
> > >>>>>>
> > >>>>>> *  other document participants, depending on the stream (e.g.,
> > >>>>>>  IETF Stream participants are your working group chairs, the
> > >>>>>>  responsible ADs, and the document shepherd).
> > >>>>>>
> > >>>>>> *  auth48archive@rfc-editor.org, which is a new archival mailing
> list
> > >>>>>>  to preserve AUTH48 conversations; it is not an active discussion
> > >>>>>>  list:
> > >>>>>>
> > >>>>>> *  More info:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/iet
> > >>>>>> f-announce/yb6lpIGh-
> > >>>> 4Q9l2USxIAe6P8O4Zc__;!!N14HnBHF!57eJm6xYZhvvvv3CC
> > >>>>>> sAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-
> > >>>> PWy14m14Ao11d1hY5bS
> > >>>>>> Gj2dWypw$
> > >>>>>>
> > >>>>>> *  The archive itself:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/
> > >>>>>>
> > >>>> auth48archive/__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9x
> > >>>> kR
> > >>>>>> 4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGJaGSrxw$
> > >>>>>>
> > >>>>>>
> > >>>>>> *  Note: If only absolutely necessary, you may temporarily opt out
> > >>>>>>    of the archiving of messages (e.g., to discuss a sensitive
> matter).
> > >>>>>>    If needed, please add a note at the top of the message that you
> > >>>>>>    have dropped the address. When the discussion is concluded,
> > >>>>>>    auth48archive@rfc-editor.org will be re-added to the CC list
> and
> > >>>>>>    its addition will be noted at the top of the message.
> > >>>>>>
> > >>>>>> You may submit your changes in one of two ways:
> > >>>>>>
> > >>>>>> An update to the provided XML file
> > >>>>>> — OR —
> > >>>>>> An explicit list of changes in this format
> > >>>>>>
> > >>>>>> Section # (or indicate Global)
> > >>>>>>
> > >>>>>> OLD:
> > >>>>>> old text
> > >>>>>>
> > >>>>>> NEW:
> > >>>>>> new text
> > >>>>>>
> > >>>>>> You do not need to reply with both an updated XML file and an
> > >>>>>> explicit list of changes, as either form is sufficient.
> > >>>>>>
> > >>>>>> We will ask a stream manager to review and approve any changes
> that
> > >>>>>> seem beyond editorial in nature, e.g., addition of new text,
> deletion
> > >>>>>> of text, and technical changes.  Information about stream managers
> > >>>>>> can be found in the FAQ.  Editorial changes do not require
> approval from a
> > >>>> stream manager.
> > >>>>>>
> > >>>>>>
> > >>>>>> Approving for publication
> > >>>>>> --------------------------
> > >>>>>>
> > >>>>>> To approve your RFC for publication, please reply to this email
> > >>>>>> stating that you approve this RFC for publication.  Please use
> ‘REPLY
> > >>>>>> ALL’, as all the parties CCed on this message need to see your
> approval.
> > >>>>>>
> > >>>>>>
> > >>>>>> Files
> > >>>>>> -----
> > >>>>>>
> > >>>>>> The files are available here:
> > >>>>>>
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>> 7.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj
> > >>>> Gf
> > >>>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGAUv8cyg$
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>> 7.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvC
> > >>>> OjG
> > >>>>>> flOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1gSddzQ$
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>> 7.pdf__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj
> > >>>> Gf
> > >>>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1VFJRqA$
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>> 7.txt__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj
> > >>>> Gf
> > >>>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHQISexhQ$
> > >>>>>>
> > >>>>>> Diff file of the text:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>> 7-
> > >>>> diff.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Zf
> > >>>>>> vCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHex2QhVw$
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>> 7-
> > >>>> rfcdiff.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR
> > >>>>>> 4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHQGMBVAQ$  (side
> > >>>> by
> > >>>>>> side)
> > >>>>>>
> > >>>>>> Diff of the XML:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>> 7-
> > >>>> xmldiff1.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xk
> > >>>>>> R4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSEF8uI1zw$
> > >>>>>>
> > >>>>>> The following files are provided to facilitate creation of your
> own
> > >>>>>> diff files of the XML.
> > >>>>>>
> > >>>>>> Initial XMLv3 created using XMLv2 as input:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>>
> 7.original.v2v3.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QL
> > >>>>>> J9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1XnidrQ$
> > >>>>>>
> > >>>>>> XMLv3 file that is a best effort to capture v3-related format
> updates
> > >>>>>> only:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944
> > >>>>>>
> > >>>> 7.form.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Z
> > >>>> fv
> > >>>>>> COjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSFZcRTyPA$
> > >>>>>>
> > >>>>>>
> > >>>>>> Tracking progress
> > >>>>>> -----------------
> > >>>>>>
> > >>>>>> The details of the AUTH48 status of your document are here:
> > >>>>>>
> > >>>>>>
> https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9447
> > >>>>>>
> > >>>> __;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJ
> > >>>> Jj
> > >>>>>> W2zx4mNN-RY-PWy14m14Ao11d1hY5bSGd-lMzUg$
> > >>>>>>
> > >>>>>>
> > >>>>>> Please let us know if you have any questions.
> > >>>>>>
> > >>>>>> Thank you for your cooperation,
> > >>>>>>
> > >>>>>> RFC Editor
> > >>>>>>
> > >>>>>> --------------------------------------
> > >>>>>> RFC9447 (draft-ietf-acme-authority-token-09)
> > >>>>>>
> > >>>>>> Title            : ACME Challenges Using an Authority Token
> > >>>>>> Author(s)        : J. Peterson, M. Barnes, D. Hancock, C. Wendt
> > >>>>>> WG Chair(s)      : Deb Cooley, Deb Cooley, Yoav Nir
> > >>>>>> Area Director(s) : Roman Danyliw, Paul Wouters
> > >>>>>>
> > >>>>>> --
> > >>>>>> Sent from Gmail Mobile
> > >>>>>
> > >>>
> > >>
> > >
> >
>
>