WG Action: Formed Automated Certificate Management Environment (acme)

The IESG <iesg-secretary@ietf.org> Fri, 26 June 2015 16:47 UTC

From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: WG Action: Formed Automated Certificate Management Environment (acme)
Date: Fri, 26 Jun 2015 09:47:28 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/oPISTa8kRM0hBp2T5AT6JmsVjPw>
Cc: acme WG <acme@ietf.org>

A new IETF working group has been formed in the Security Area. For
additional information please contact the Area Directors or the WG
Chairs.

Automated Certificate Management Environment (acme)
------------------------------------------------
Current Status: Proposed WG

Chairs:
  Rich Salz <rsalz@akamai.com>
  Ted Hardie <ted.ietf@gmail.com>

Assigned Area Director:
  Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>

Mailing list
  Address: acme@ietf.org
  To Subscribe: https://www.ietf.org/mailman/listinfo/acme
  Archive: https://mailarchive.ietf.org/arch/browse/acme/

Charter:

Historically, issuance of certificates for Internet applications
(e.g., web servers) has involved many manual identity validation steps
by the certification authority (CA).  The ACME WG will specify
conventions for automated X.509 certificate management, including
validation of control over an identifier, certificate issuance,
certificate renewal, and certificate revocation.  The initial focus of
the ACME WG will be on domain name certificates (as used by web
servers), but other uses of certificates can be considered as work
progresses.

ACME certificate management must allow the CA to verify, in an
automated manner, that the party requesting a certificate has authority
over the requested identifiers, including the subject and subject
alternative names.  The processing must also confirm that the requesting
party has access to the private key that corresponds to the public key
that will appear in the certificate.  All of the processing must be done
in a manner that is compatible with common service deployment
environments, such as hosting environments.

ACME certificate management must, in an automated manner, allow an 
authorized party to request revocation of a certificate.

The ACME working group is specifying ways to automate certificate
issuance, validation, revocation and renewal.  The ACME working
group is not reviewing or producing certificate policies or
practices.

The starting point for ACME WG discussions shall be draft-barnes-acme.

Milestones:
  Aug 2015 - Initial working group draft
  Mar 2016 - Submit working group draft to IESG as Proposed Standard