Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-acme-authority-token-09> for your review
Alanna Paloma <apaloma@amsl.com> Mon, 21 August 2023 17:27 UTC
Return-Path: <apaloma@amsl.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCE2EC152564; Mon, 21 Aug 2023 10:27:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.207
X-Spam-Level:
X-Spam-Status: No, score=-4.207 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id thPghOC39kpZ; Mon, 21 Aug 2023 10:27:34 -0700 (PDT)
Received: from c8a.amsl.com (c8a.amsl.com [4.31.198.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EFF0C14CE24; Mon, 21 Aug 2023 10:27:34 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id 798FF424CD3E; Mon, 21 Aug 2023 10:27:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c8a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAL9gxG7SX88; Mon, 21 Aug 2023 10:27:34 -0700 (PDT)
Received: from amss-mbp.attlocal.net (unknown [IPv6:2600:1700:bac0:1070:8560:a9b7:818d:13d0]) by c8a.amsl.com (Postfix) with ESMTPSA id DE101424B446; Mon, 21 Aug 2023 10:27:33 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Alanna Paloma <apaloma@amsl.com>
In-Reply-To: <C2C69C0D-5567-4108-ABD9-D585FFE33FE3@amsl.com>
Date: Mon, 21 Aug 2023 10:27:32 -0700
Cc: Roman Danyliw <rdd@cert.org>, "Peterson, Jon" <Jon.Peterson@transunion.com>, Mary Barnes <mary.ietf.barnes@gmail.com>, "acme-ads@ietf.org" <acme-ads@ietf.org>, "acme-chairs@ietf.org" <acme-chairs@ietf.org>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>, "rsalz@akamai.com" <rsalz@akamai.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <72C5655D-5451-4030-B588-A0AA68B63D12@amsl.com>
References: <20230725055613.60C6C3E8AF@rfcpa.amsl.com> <CO6PR17MB49784028ECB433846741F881FD08A@CO6PR17MB4978.namprd17.prod.outlook.com> <CAHBDyN7bz0dAyadJGWXkXp8yZ0056rYNygiAJcy5tnHvrWz3Mw@mail.gmail.com> <50B02C9D-21D0-4A03-8E74-D88F86D14B3A@amsl.com> <6BDA66BE-0E85-42F8-B0B4-20E68DD30216@amsl.com> <BN2P110MB1107D007B5B8C529F5CCD31FDC17A@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <C2C69C0D-5567-4108-ABD9-D585FFE33FE3@amsl.com>
To: "jon.peterson@team.neustar" <jon.peterson@team.neustar>, "davidhancock.ietf@gmail.com" <davidhancock.ietf@gmail.com>, "chris-ietf@chriswendt.net" <chris-ietf@chriswendt.net>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/Jg46At3yYqzhraKvlv3JFbrgtEk>
Subject: Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-acme-authority-token-09> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Aug 2023 17:27:38 -0000
Hi John, David, and Chris, This is a friendly reminder that we await you reviews and approvals before continuing with the publication process. Additionally, please let us know if/how you would like the “type” attribute set for the <sourcecode> elements in this document: >> 6) <!--[rfced] Please review the "type" attribute of each sourcecode element >> in the XML file to ensure correctness. If the current list of preferred >> values for "type" (https://www.rfc-editor.org/materials/sourcecode-types.txt) >> does not contain an applicable type, then feel free to let us >> know. Also, it is acceptable to leave the "type" attribute not set. >> --> >> >> <JFP> I’m not aware I’m using sourcecode as an element in the XML. These are all figure/artwork blocks. > > Currently, there are 3 instances of the <sourcecode> element in this document: > https://www.rfc-editor.org/authors/rfc9447.html#section-4-6 > https://www.rfc-editor.org/authors/rfc9447.html#section-4-8 > https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2 > > For background, "The <artwork> element should not be used for source code and formal languages, the <sourcecode> element should be used instead.” (https://authors.ietf.org/en/rfcxml-vocabulary#artwork). <sourcecode> is used to contain code that compiles or does not; it can be one of the preferred “type" values or no type at all. Please review and let us know if/how you would like the “type” attribute set. The files are available here: https://www.rfc-editor.org/authors/rfc9447.xml https://www.rfc-editor.org/authors/rfc9447.txt https://www.rfc-editor.org/authors/rfc9447.pdf https://www.rfc-editor.org/authors/rfc9447.html AUTH48 diff: https://www.rfc-editor.org/authors/rfc9447-auth48diff.html Comprehensive diffs: https://www.rfc-editor.org/authors/rfc9447-diff.html https://www.rfc-editor.org/authors/rfc9447-rfcdiff.html For the AUTH48 status of this document, please see: https://www.rfc-editor.org/auth48/rfc9447 Thank you, RFC Editor/ap > On Aug 14, 2023, at 9:58 AM, Alanna Paloma <apaloma@amsl.com> wrote: > > Hi Roman, > > Thank you for your reply. Your approval has been noted on the AUTH48 status page: > https://www.rfc-editor.org/auth48/rfc9447 > > Best regards, > RFC Editor/ap > >> On Aug 14, 2023, at 9:13 AM, Roman Danyliw <rdd@cert.org> wrote: >> >> Hi! >> >> Approved. >> >> Thanks, >> Roman >> >>> -----Original Message----- >>> From: Alanna Paloma <apaloma@amsl.com> >>> Sent: Friday, August 11, 2023 12:21 PM >>> To: Roman Danyliw <rdd@cert.org>; Peterson, Jon >>> <Jon.Peterson@transunion.com>; davidhancock.ietf@gmail.com; chris- >>> ietf@chriswendt.net >>> Cc: Mary Barnes <mary.ietf.barnes@gmail.com>; acme-ads@ietf.org; acme- >>> chairs@ietf.org; auth48archive@rfc-editor.org; jon.peterson@team.neustar; >>> rfc-editor@rfc-editor.org; rsalz@akamai.com >>> Subject: Re: [AD] AUTH48: RFC-to-be 9447 <draft-ietf-acme-authority-token- >>> 09> for your review >>> >>> Jon, David, Chris, and Roman*, >>> >>> *Roman (AD) - This is a friendly reminder that we await your review and >>> approval of the changes to the RFC 2119/8174 keywords in Sections 4 and 7 >>> and the removal of RFCs 3986 and 4648 from the Normative References >>> section. These updates can be seen in this diff file: >>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html >>> >>> Authors - Please let us know if/how you would like the “type” attribute set for >>> the <sourcecode> elements in this document: >>>>> 6) <!--[rfced] Please review the "type" attribute of each sourcecode >>>>> element in the XML file to ensure correctness. If the current list of >>>>> preferred values for "type" >>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt) >>>>> does not contain an applicable type, then feel free to let us know. >>>>> Also, it is acceptable to leave the "type" attribute not set. >>>>> --> >>>>> >>>>> <JFP> I’m not aware I’m using sourcecode as an element in the XML. These >>> are all figure/artwork blocks. >>>> >>>> Currently, there are 3 instances of the <sourcecode> element in this >>> document: >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-6 >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-8 >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2 >>>> >>>> For background, "The <artwork> element should not be used for source code >>> and formal languages, the <sourcecode> element should be used instead.” >>> (https://authors.ietf.org/en/rfcxml-vocabulary#artwork). <sourcecode> is used >>> to contain code that compiles or does not; it can be one of the preferred “type" >>> values or no type at all. Please review and let us know if/how you would like >>> the “type” attribute set. >>> >>> >>> We will await any further changes as well approvals from Jon, David, Chris, and >>> *Roman prior to moving forward in the publication process. >>> >>> The files are available here: >>> https://www.rfc-editor.org/authors/rfc9447.xml >>> https://www.rfc-editor.org/authors/rfc9447.txt >>> https://www.rfc-editor.org/authors/rfc9447.pdf >>> https://www.rfc-editor.org/authors/rfc9447.html >>> >>> AUTH48 diff: >>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html >>> >>> Comprehensive diffs: >>> https://www.rfc-editor.org/authors/rfc9447-diff.html >>> https://www.rfc-editor.org/authors/rfc9447-rfcdiff.html >>> >>> For the AUTH48 status of this document, please see: >>> https://www.rfc-editor.org/auth48/rfc9447 >>> >>> Thank you, >>> RFC Editor/ap >>> >>>> On Aug 4, 2023, at 8:56 AM, Alanna Paloma <apaloma@amsl.com> wrote: >>>> >>>> Hi Jon, Mary, and Roman* >>>> >>>> *Roman (AD) - Please review and approve of the changes to the RFC >>> 2119/8174 keywords in Sections 4 and 7 and the removal of RFCs 3986 and >>> 4648 from the Normative References section. These updates can be seen in this >>> diff file: >>>> https://www.rfc-editor.org/authors/rfc9447-auth48diff.html >>>> >>>> Authors - Thank you for your replies. We have updated the files accordingly. >>> Mary’s approval has been noted on the AUTH48 status page, and we assume >>> her assent to changes from the other coauthors unless we hear otherwise. >>>> >>>>> 6) <!--[rfced] Please review the "type" attribute of each sourcecode >>>>> element in the XML file to ensure correctness. If the current list of >>>>> preferred values for "type" >>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt) >>>>> does not contain an applicable type, then feel free to let us know. >>>>> Also, it is acceptable to leave the "type" attribute not set. >>>>> --> >>>>> >>>>> <JFP> I’m not aware I’m using sourcecode as an element in the XML. These >>> are all figure/artwork blocks. >>>> >>>> Currently, there are 3 instances of the <sourcecode> element in this >>> document: >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-6 >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-4-8 >>>> https://www.rfc-editor.org/authors/rfc9447.html#section-5.1-2 >>>> >>>> For background, "The <artwork> element should not be used for source code >>> and formal languages, the <sourcecode> element should be used instead.” >>> (https://authors.ietf.org/en/rfcxml-vocabulary#artwork). <sourcecode> is used >>> to contain code that compiles or does not; it can be one of the preferred “type" >>> values or no type at all. Please review and let us know if/how you would like >>> the “type” attribute set. >>>> >>>> The files have been posted here (please refresh): >>>> https://www.rfc-editor.org/authors/rfc9447.xml >>>> https://www.rfc-editor.org/authors/rfc9447.txt >>>> https://www.rfc-editor.org/authors/rfc9447.html >>>> https://www.rfc-editor.org/authors/rfc9447.pdf >>>> >>>> The relevant diff files have been posted here: >>>> https://www.rfc-editor.org/authors/rfc9447-diff.html (comprehensive >>>> diff) https://www.rfc-editor.org/authors/rfc9447-auth48diff.html >>>> (AUTH48 changes) >>>> >>>> Please review the document carefully and contact us with any further >>> updates you may have. Note that we do not make changes once a document is >>> published as an RFC. >>>> >>>> We will await approvals from Jon, David, Chris, and *Roman (AD) prior to >>> moving this document forward in the publication process. >>>> >>>> For the AUTH48 status of this document, please see: >>>> https://www.rfc-editor.org/auth48/rfc9447 >>>> >>>> Thank you, >>>> RFC Editor/ap >>>> >>>>> On Aug 3, 2023, at 10:39 AM, Mary Barnes <mary.ietf.barnes@gmail.com> >>> wrote: >>>>> >>>>> I think the document is fine with consideration of Jon’s comments. >>>>> >>>>> Mary >>>>> >>>>> On Thu, Aug 3, 2023 at 7:26 AM Peterson, Jon >>> <Jon.Peterson@transunion.com> wrote: >>>>> Please see my responses marked as <JFP> below. Thanks! >>>>> >>>>> >>>>> >>>>> From: rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org> >>>>> Date: Tuesday, July 25, 2023 at 1:56 AM >>>>> To: jon.peterson@team.neustar <jon.peterson@team.neustar>, >>>>> mary.ietf.barnes@gmail.com <mary.ietf.barnes@gmail.com>, >>>>> davidhancock.ietf@gmail.com <davidhancock.ietf@gmail.com>, >>>>> chris-ietf@chriswendt.net <chris-ietf@chriswendt.net> >>>>> Cc: rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org>, >>>>> acme-ads@ietf.org <acme-ads@ietf.org>, acme-chairs@ietf.org >>>>> <acme-chairs@ietf.org>, rsalz@akamai.com <rsalz@akamai.com>, >>>>> rdd@cert.org <rdd@cert.org>, auth48archive@rfc-editor.org >>>>> <auth48archive@rfc-editor.org> >>>>> Subject: Re: AUTH48: RFC-to-be 9447 >>>>> <draft-ietf-acme-authority-token-09> for your review >>>>> >>>>> Authors, >>>>> >>>>> While reviewing this document during AUTH48, please resolve (as >>> necessary) the following questions, which are also in the XML file. >>>>> >>>>> 1) <!--[rfced] Please note the the title of the document has been updated as >>> follows. >>>>> The abbreviation has been expanded per Section 3.6 of RFC 7322 ("RFC Style >>> Guide"). >>>>> Please review. >>>>> >>>>> Original: >>>>> ACME Challenges Using an Authority Token >>>>> >>>>> Current: >>>>> Automated Certificate Management Environment (ACME) Challenges Using >>>>> an Authority Token >>>>> --> >>>>> >>>>> >>>>> <JFP> OK >>>>> >>>>> >>>>> >>>>> 2) <!--[rfced] For clarity, should "Authority" be "Token Authority" here? >>>>> >>>>> Original: >>>>> For example, imagine a case where an Authority for DNS names knows >>>>> that a client is eligible to receive certificates for >>> "https://urldefense.proofpoint.com/v2/url?u=http- >>> 3A__example.com&d=DwIFaQ&c=7gn0PlAmraV3zr- >>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N >>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D >>> moqBuqfP-&s=FSP3n0qEZdE4lnN1EPjigIr1blbyoY7QMUl1ZNCvZpQ&e= " >>>>> and "https://urldefense.proofpoint.com/v2/url?u=http- >>> 3A__example.net&d=DwIFaQ&c=7gn0PlAmraV3zr- >>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N >>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D >>> moqBuqfP-&s=4D7dUBWOxRL7tTWU2ITbtLplCX7E9Qd3UwLDnUwylWo&e= ". >>>>> >>>>> Perhaps: >>>>> For example, imagine a case where a Token Authority for DNS names >>> knows >>>>> that a client is eligible to receive certificates for >>> "https://urldefense.proofpoint.com/v2/url?u=http- >>> 3A__example.com&d=DwIFaQ&c=7gn0PlAmraV3zr- >>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N >>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D >>> moqBuqfP-&s=FSP3n0qEZdE4lnN1EPjigIr1blbyoY7QMUl1ZNCvZpQ&e= " >>>>> and "https://urldefense.proofpoint.com/v2/url?u=http- >>> 3A__example.net&d=DwIFaQ&c=7gn0PlAmraV3zr- >>> k385KhKAz9NTx0dwockj5vIsr5Sw&r=rQo6AhlF8tKhxgONBTTPp2dKudYXajoA6N >>> 78vvkOkzA&m=H9shfntLUEToiZuf9zJVeNTFWR__v4jo7gIYfcjo6g_RlQcEpklq74D >>> moqBuqfP-&s=4D7dUBWOxRL7tTWU2ITbtLplCX7E9Qd3UwLDnUwylWo&e= ". >>>>> >>>>> <JFP> OK. Below is not correct. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Similarly (for the reverse), should "Token" be "Authority Token" here? >>>>> Or, perhaps using just one word was intended to mitigate confusion? >>>>> >>>>> Original: >>>>> ...an ACME server can use the >>>>> binding to determine that a Token presented by a client was in fact >>>>> granted by the Token Authority based on a request from the client, >>>>> and not from some other entity. >>>>> >>>>> Perhaps: >>>>> ...an ACME server can use the >>>>> binding to determine that an Authority Token presented by a client was in >>> fact >>>>> granted by the Token Authority based on a request from the client, >>>>> and not from some other entity. >>>>> --> >>>>> >>>>> >>>>> 3) <!--[rfced] As "OPTIONALLY" is not a key word that appears in RFC >>>>> 2119, may this sentence be rephrased to use "OPTIONAL"? >>>>> >>>>> Original: >>>>> For this ACME Authority Token usage of JWT, the payload of the JWT >>>>> OPTIONALLY contain an "iss" indicating the Token Authority that >>>>> generated the token, if the "x5u" or "x5c" element in the header does >>>>> not already convey that information... >>>>> >>>>> Perhaps: >>>>> For this ACME Authority Token usage of JWT, it is OPTIONAL for the >>>>> payload of the JWT to contain an "iss" indicating the Token Authority that >>>>> generated the token if the "x5u" or "x5c" element in the header does >>>>> not already convey that information... >>>>> --> >>>>> >>>>> >>>>> <JFP> OK >>>>> >>>>> >>>>> >>>>> >>>>> 4) <!--[rfced] We note that RFC 8226 does not contain mention of "tkvalue". >>>>> Please review and let us know if/how this citation should be updated. >>>>> >>>>> Original: >>>>> Following the example of [I-D.ietf-acme-authority-token-tnauthlist], >>>>> the "tktype" identifier type could be the TNAuthList, with a >>>>> "tkvalue" as defined in [RFC8226] that the Token Authority is >>>>> attesting. >>>>> --> >>>>> >>>>> >>>>> <JFP> Good catch. We’re not saying that the “tkvalue” element is defined in >>> RFC8226, but that the value of the “tkvalue” element is a TNAuthList has >>> defiend in RFC8226. So maybe: >>>>> >>>>> >>>>> >>>>> The “tktype” identifier type could be the TNAuthList (as defined in >>> [RFC8226]), which would be the value for the “tkvalue” element that the Token >>> Authority is attesting. >>>>> >>>>> >>>>> >>>>> 5) <!--[rfced] In Section 4, the following lines in sourcecode >>>>> exceeded the 69-character limit. Line breaks have been added as >>>>> follows; please review and let us know if these lines should appear in a >>> different manner. >>>>> >>>>> Original (lines 407 and 408): >>>>> >>> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==","fingerprint": >>>>> "SHA256 >>> 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:BA:B9:19:81:F8:50: >>>>> 9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} >>>>> >>>>> Current: >>>>> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==", >>>>> "fingerprint":"SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3: >>>>> BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} >>>>> >>>>> >>>>> Original (lines 424 and 425): >>>>> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==","ca":true, >>>>> "fingerprint":"SHA256 >>> 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:BA:B9:19:81:F8:50: >>>>> 9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} } >>>>> >>>>> Current: >>>>> "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==", >>>>> "ca":true,"fingerprint":"SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B: >>>>> 71:D3:BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"} } >>>>> --> >>>>> >>>>> >>>>> <JFP> OK. >>>>> >>>>> >>>>> >>>>> 6) <!--[rfced] Please review the "type" attribute of each sourcecode >>>>> element in the XML file to ensure correctness. If the current list of >>>>> preferred values for "type" >>>>> (https://www.rfc-editor.org/materials/sourcecode-types.txt) >>>>> does not contain an applicable type, then feel free to let us know. >>>>> Also, it is acceptable to leave the "type" attribute not set. >>>>> --> >>>>> >>>>> >>>>> <JFP> I’m not aware I’m using sourcecode as an element in the XML. These >>> are all figure/artwork blocks. >>>>> >>>>> >>>>> >>>>> 7) <!-- [rfced] RFC 7231 has been obsoleted by RFC 9110. May we >>>>> replace RFC 7231 with RFC 9110 in this sentence? >>>>> >>>>> Original: >>>>> In order to request an Authority Token from a Token Authority, a >>>>> client sends a HTTPS POST request [RFC7231] . >>>>> --> >>>>> >>>>> >>>>> <JFP> OK. >>>>> >>>>> >>>>> >>>>> 8) <!--[rfced] Per RFCs 2119 and 8174, may we update "SHOULD not" to >>> "SHOULD NOT" >>>>> in the sentence below? >>>>> >>>>> Original: >>>>> ACME services relying >>>>> on Authority Tokens SHOULD not issue certificates with a longer >>>>> expiry than the expiry of the Authority Token. >>>>> --> >>>>> >>>>> >>>>> <JFP> OK. >>>>> >>>>> >>>>> >>>>> 9) <!--[rfced] The following references are not cited in the text. >>>>> Please let us know where they should be cited or if these references >>>>> should be deleted from the References section. >>>>> >>>>> [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform >>>>> Resource Identifier (URI): Generic Syntax", STD 66, >>>>> RFC 3986, DOI 10.17487/RFC3986, January 2005, >>>>> <https://urldefense.com/v3/__https://www.rfc- >>> editor.org/info/rfc3986__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb >>> 08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGkYIcdPQ$ >>>> . >>>>> >>>>> [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data >>>>> Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, >>>>> <https://urldefense.com/v3/__https://www.rfc- >>> editor.org/info/rfc4648__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb >>> 08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSH2BxuGBg$ >>>> . >>>>> --> >>>>> >>>>> >>>>> <JFP> Um, I suppose we don’t need those cited. >>>>> >>>>> >>>>> >>>>> 10) <!--[rfced] Throughout the text, "ACME Identifier Type", "ACME >>>>> Identifier type", and "ACME identifier type" appear were used >>>>> inconsistently. We have updated all occurrences to capitalized, i.e., "ACME >>> Identifier Type". >>>>> Please review and let us know if you prefer otherwise. >>>>> --> >>>>> >>>>> >>>>> <JFP> I only see one instance of that construction where “type” is >>> uncapitalized in the -09 XML source (and none where “identifier” is >>> uncapitalized in that construction), but forcing capitalization is fine. >>>>> >>>>> >>>>> >>>>> 11) <!-- [rfced] FYI - We have added expansions for the following >>>>> abbreviations per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please >>>>> review each expansion in the document carefully to ensure correctness. >>>>> >>>>> JSON Web Signature (JWS) >>>>> Telephone Number Authorization List (TNAuthList) >>>>> --> >>>>> >>>>> >>>>> <JFP> OK. >>>>> >>>>> >>>>> >>>>> 12) <!-- [rfced] Please review the "Inclusive Language" portion of >>>>> the online Style Guide >>>>> <https://urldefense.com/v3/__https://www.rfc- >>> editor.org/styleguide/part2/*inclusive_language__;Iw!!N14HnBHF!57eJm6xYZh >>> vvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY- >>> PWy14m14Ao11d1hY5bSHw1FLyNA$ > and let us know if any changes are >>> needed. >>>>> >>>>> Note that our script did not flag any words in particular, but this >>>>> should still be reviewed as a best practice. >>>>> --> >>>>> >>>>> >>>>> <JFP> OK. >>>>> >>>>> >>>>> >>>>> Thank you. >>>>> >>>>> >>>>> <JFP> Thanks! >>>>> >>>>> >>>>> RFC Editor/ar/ar >>>>> >>>>> >>>>> On Jul 24, 2023, rfc-editor@rfc-editor.org wrote: >>>>> >>>>> *****IMPORTANT***** >>>>> >>>>> Updated 2023/07/24 >>>>> >>>>> RFC Author(s): >>>>> -------------- >>>>> >>>>> Instructions for Completing AUTH48 >>>>> >>>>> Your document has now entered AUTH48. Once it has been reviewed and >>>>> approved by you and all coauthors, it will be published as an RFC. >>>>> If an author is no longer available, there are several remedies >>>>> available as listed in the FAQ (https://www.rfc-editor.org/faq). >>>>> >>>>> >>>>> >>>>> You and you coauthors are responsible for engaging other parties >>>>> (e.g., Contributors or Working Group) as necessary before providing >>>>> your approval. >>>>> >>>>> Planning your review >>>>> --------------------- >>>>> >>>>> Please review the following aspects of your document: >>>>> >>>>> * RFC Editor questions >>>>> >>>>> Please review and resolve any questions raised by the RFC Editor >>>>> that have been included in the XML file as comments marked as >>>>> follows: >>>>> >>>>> <!-- [rfced] ... --> >>>>> >>>>> These questions will also be sent in a subsequent email. >>>>> >>>>> * Changes submitted by coauthors >>>>> >>>>> Please ensure that you review any changes submitted by your >>>>> coauthors. We assume that if you do not speak up that you agree to >>>>> changes submitted by your coauthors. >>>>> >>>>> * Content >>>>> >>>>> Please review the full content of the document, as this cannot >>>>> change once the RFC is published. Please pay particular attention to: >>>>> - IANA considerations updates (if applicable) >>>>> - contact information >>>>> - references >>>>> >>>>> * Copyright notices and legends >>>>> >>>>> Please review the copyright notice and legends as defined in RFC >>>>> 5378 and the Trust Legal Provisions >>>>> >>>>> (TLP – https://urldefense.com/v3/__https://trustee.ietf.org/license- >>> info/__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj >>> GflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSE9Ks8eAw$ ). >>>>> >>>>> * Semantic markup >>>>> >>>>> Please review the markup in the XML file to ensure that elements of >>>>> content are correctly tagged. For example, ensure that <sourcecode> >>>>> and <artwork> are set correctly. See details at >>>>> <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml- >>> vocabulary__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Z >>> fvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSH6ck1Vaw$ >. >>>>> >>>>> * Formatted output >>>>> >>>>> Please review the PDF, HTML, and TXT files to ensure that the >>>>> formatted output, as generated from the markup in the XML file, is >>>>> reasonable. Please note that the TXT will have formatting >>>>> limitations compared to the PDF and HTML. >>>>> >>>>> >>>>> Submitting changes >>>>> ------------------ >>>>> >>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as >>>>> all the parties CCed on this message need to see your changes. The >>>>> parties >>>>> include: >>>>> >>>>> * your coauthors >>>>> >>>>> * rfc-editor@rfc-editor.org (the RPC team) >>>>> >>>>> * other document participants, depending on the stream (e.g., >>>>> IETF Stream participants are your working group chairs, the >>>>> responsible ADs, and the document shepherd). >>>>> >>>>> * auth48archive@rfc-editor.org, which is a new archival mailing list >>>>> to preserve AUTH48 conversations; it is not an active discussion >>>>> list: >>>>> >>>>> * More info: >>>>> >>>>> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/iet >>>>> f-announce/yb6lpIGh- >>> 4Q9l2USxIAe6P8O4Zc__;!!N14HnBHF!57eJm6xYZhvvvv3CC >>>>> sAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJJjW2zx4mNN-RY- >>> PWy14m14Ao11d1hY5bS >>>>> Gj2dWypw$ >>>>> >>>>> * The archive itself: >>>>> >>>>> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/ >>>>> >>> auth48archive/__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9x >>> kR >>>>> 4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGJaGSrxw$ >>>>> >>>>> >>>>> * Note: If only absolutely necessary, you may temporarily opt out >>>>> of the archiving of messages (e.g., to discuss a sensitive matter). >>>>> If needed, please add a note at the top of the message that you >>>>> have dropped the address. When the discussion is concluded, >>>>> auth48archive@rfc-editor.org will be re-added to the CC list and >>>>> its addition will be noted at the top of the message. >>>>> >>>>> You may submit your changes in one of two ways: >>>>> >>>>> An update to the provided XML file >>>>> — OR — >>>>> An explicit list of changes in this format >>>>> >>>>> Section # (or indicate Global) >>>>> >>>>> OLD: >>>>> old text >>>>> >>>>> NEW: >>>>> new text >>>>> >>>>> You do not need to reply with both an updated XML file and an >>>>> explicit list of changes, as either form is sufficient. >>>>> >>>>> We will ask a stream manager to review and approve any changes that >>>>> seem beyond editorial in nature, e.g., addition of new text, deletion >>>>> of text, and technical changes. Information about stream managers >>>>> can be found in the FAQ. Editorial changes do not require approval from a >>> stream manager. >>>>> >>>>> >>>>> Approving for publication >>>>> -------------------------- >>>>> >>>>> To approve your RFC for publication, please reply to this email >>>>> stating that you approve this RFC for publication. Please use ‘REPLY >>>>> ALL’, as all the parties CCed on this message need to see your approval. >>>>> >>>>> >>>>> Files >>>>> ----- >>>>> >>>>> The files are available here: >>>>> >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj >>> Gf >>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSGAUv8cyg$ >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvC >>> OjG >>>>> flOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1gSddzQ$ >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.pdf__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj >>> Gf >>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1VFJRqA$ >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.txt__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOj >>> Gf >>>>> lOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHQISexhQ$ >>>>> >>>>> Diff file of the text: >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> 7- >>> diff.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Zf >>>>> vCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHex2QhVw$ >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> 7- >>> rfcdiff.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR >>>>> 4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSHQGMBVAQ$ (side >>> by >>>>> side) >>>>> >>>>> Diff of the XML: >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> 7- >>> xmldiff1.html__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xk >>>>> R4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSEF8uI1zw$ >>>>> >>>>> The following files are provided to facilitate creation of your own >>>>> diff files of the XML. >>>>> >>>>> Initial XMLv3 created using XMLv2 as input: >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.original.v2v3.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QL >>>>> J9xkR4ZfvCOjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSG1XnidrQ$ >>>>> >>>>> XMLv3 file that is a best effort to capture v3-related format updates >>>>> only: >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc944 >>>>> >>> 7.form.xml__;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4Z >>> fv >>>>> COjGflOJJjW2zx4mNN-RY-PWy14m14Ao11d1hY5bSFZcRTyPA$ >>>>> >>>>> >>>>> Tracking progress >>>>> ----------------- >>>>> >>>>> The details of the AUTH48 status of your document are here: >>>>> >>>>> https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9447 >>>>> >>> __;!!N14HnBHF!57eJm6xYZhvvvv3CCsAFzcQ8b3OIuakb08QLJ9xkR4ZfvCOjGflOJ >>> Jj >>>>> W2zx4mNN-RY-PWy14m14Ao11d1hY5bSGd-lMzUg$ >>>>> >>>>> >>>>> Please let us know if you have any questions. >>>>> >>>>> Thank you for your cooperation, >>>>> >>>>> RFC Editor >>>>> >>>>> -------------------------------------- >>>>> RFC9447 (draft-ietf-acme-authority-token-09) >>>>> >>>>> Title : ACME Challenges Using an Authority Token >>>>> Author(s) : J. Peterson, M. Barnes, D. Hancock, C. Wendt >>>>> WG Chair(s) : Deb Cooley, Deb Cooley, Yoav Nir >>>>> Area Director(s) : Roman Danyliw, Paul Wouters >>>>> >>>>> -- >>>>> Sent from Gmail Mobile >>>> >> >
- [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-acme-… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Peterson, Jon
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Mary Barnes
- [auth48] [AD] Re: AUTH48: RFC-to-be 9447 <draft-i… Alanna Paloma
- Re: [auth48] [AD] AUTH48: RFC-to-be 9447 <draft-i… Alanna Paloma
- Re: [auth48] [AD] AUTH48: RFC-to-be 9447 <draft-i… Roman Danyliw
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Chris Wendt
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… David Hancock
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… David Hancock
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Peterson, Jon
- Re: [auth48] AUTH48: RFC-to-be 9447 <draft-ietf-a… Alanna Paloma