Protocol Action: 'ACME IP Identifier Validation Extension' to Proposed Standard (draft-ietf-acme-ip-08.txt)
The IESG <iesg-secretary@ietf.org> Fri, 11 October 2019 14:30 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'ACME IP Identifier Validation Extension' to Proposed Standard (draft-ietf-acme-ip-08.txt)
Cc: rdd@cert.org, draft-ietf-acme-ip@ietf.org, Daniel McCarney <cpu@letsencrypt.org>, The IESG <iesg@ietf.org>, acme@ietf.org, cpu@letsencrypt.org, acme-chairs@ietf.org, rfc-editor@rfc-editor.org
Message-ID: <157080423947.29329.7113033433863228684.idtracker@ietfa.amsl.com>
Date: Fri, 11 Oct 2019 07:30:39 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/f6i_VlJ1HfHtQtt9UcDQj67uo6w>
The IESG has approved the following document:
- 'ACME IP Identifier Validation Extension'
  (draft-ietf-acme-ip-08.txt) as Proposed Standard

This document is the product of the Automated Certificate Management Environment Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-acme-ip/

Technical Summary

The ACME-IP draft extends the Automatic Certificate Management Environment (ACME) with support for IP address type identifiers in addition to DNS type identifiers. The draft additionally specifies how the existing ACME challenge types (HTTP-01 and DNS-01) and the ACME-TLS-ALPN challenge type (TLS-ALPN-01) interact with IP address identifiers.

Working Group Summary

The description of using tls-alpn-01 for IP identifiers was fixed to respect RFC 6066's restriction on IP addresses in SNI by defining the ip-addr.arpa format to use instead.

Earlier versions of the draft included a reverse-DNS challenge type. Within the working group there were concerns raised about the accuracy of the reverse DNS zone information that this challenge type relied on. A decision was made to remove this challenge type from the draft to allow forward progress on the remaining uncontroversial parts of the draft.

Document Quality

The document is short and concise. The interaction between the existing challenge types and this new identifier type is well specified. I am not aware of any existing implementations but at least one ACME server operator (Let's Encrypt) intends to implement the draft in a test capacity (with the Pebble ACME server) in the near future.

Personnel

The document shepherd is Daniel McCarney. The responsible area director is Roman Danyliw.
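
The SNI handling mentioned in the Working Group Summary, as an added example that is not part of the announcement or the draft's own text: a Python sketch of how a tls-alpn-01 responder could map an IP identifier to the server name sent in SNI and check a received name against it. It assumes the reverse-mapping names are the standard in-addr.arpa (IPv4) and ip6.arpa (IPv6) forms; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

def sni_for_ip_identifier(value: str) -> str:
    """Reverse-mapping name used as SNI when validating an IP identifier."""
    return ipaddress.ip_address(value).reverse_pointer

def ip_from_sni(server_name: str):
    """Recover the address from a reverse-mapping SNI name, or raise ValueError."""
    name = server_name.rstrip(".").lower()
    try:
        ipaddress.ip_address(name)
    except ValueError:
        pass  # not an IP literal, continue with the reverse-mapping forms
    else:
        # RFC 6066 does not allow literal IP addresses in the SNI host name
        raise ValueError("IP literal is not a valid SNI value")
    labels = name.split(".")
    if name.endswith(".in-addr.arpa") and len(labels) == 6:
        octets = labels[:4][::-1]
        # Reject non-decimal labels and leading zeros so one address has one name
        if not all(o.isascii() and o.isdigit() and str(int(o)) == o for o in octets):
            raise ValueError("malformed in-addr.arpa name")
        return ipaddress.IPv4Address(".".join(octets))  # rejects octets > 255
    if name.endswith(".ip6.arpa") and len(labels) == 34:
        nibbles = labels[:32][::-1]
        if not all(len(n) == 1 and n in "0123456789abcdef" for n in nibbles):
            raise ValueError("malformed ip6.arpa name")
        return ipaddress.IPv6Address(int("".join(nibbles), 16))
    raise ValueError("not a reverse-mapping name")

def sni_matches_identifier(server_name: str, identifier_value: str) -> bool:
    """True only if the SNI name is the reverse mapping of the identifier."""
    try:
        return ip_from_sni(server_name) == ipaddress.ip_address(identifier_value)
    except ValueError:
        return False

if __name__ == "__main__":
    # Constructed sample identifiers from documentation address ranges
    for ident in ("192.0.2.10", "2001:db8::1"):
        sni = sni_for_ip_identifier(ident)
        print(ident, "->", sni, sni_matches_identifier(sni, ident))
    # A literal address in SNI is refused rather than compared
    print(sni_matches_identifier("192.0.2.10", "192.0.2.10"))
```
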