[saag] Notes from ACME meeting

"Salz, Rich" <rsalz@akamai.com> Thu, 23 July 2015 20:43 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/kUvZbVNixBLvVx_Fpk7Rmb_sm7I>

ACME had its first WG meeting today (directly after the SAAG meeting).

Richard Barnes reviewed changes to the ACME draft since the BoF at the last IETF. We adopted that document, with strong consensus. Richard Barnes pulled off his "LetsEncrypt" t-shirt to reveal an IETF-93 t-shirt underneath.

John Mattson presented some use cases. There was some discussion, with the consensus being that further work is needed before considering adoption.

Mike Jones presented a "base64-less" proposal that has just been accepted by JOSE as a WG document. Consensus was that the ACME messages are small enough that we don't need the efficiency gains offered by this new format. Thanks to Mike for agreeing to come present on short notice.

Phill Hallam-Baker gave an overview of his OmniPublish protocol, which is intended to address "everything" that's needed when a new service is deployed, including certificates, firewall, etc. Consensus is that this is a superset of ACME, and that it could be a useful source of requirements for ACME, if not immediately, then in the next version.

--
Senior Architect, Akamai Technologies
IM: richsalz@jabber.at Twitter: RichSalz