IETF Logo Mail Archive

Re: [lamps] I-D Action: draft-ietf-lamps-caa-issuemail-06.txt

Corey Bonnell <Corey.Bonnell@digicert.com> Wed, 02 August 2023 10:39 UTC

Return-Path: <Corey.Bonnell@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FE14C14CE44; Wed, 2 Aug 2023 03:39:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=digicert.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5V3cWXXUOTF6; Wed, 2 Aug 2023 03:38:56 -0700 (PDT)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2139.outbound.protection.outlook.com [40.107.244.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F31F7C14CE3B; Wed, 2 Aug 2023 03:38:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZZwhGkHWn8p1yORro/vWf8S4z/nKfGPLWULd9lfQ898e1PMhpQoluWsTM+OqziPGo7T03dCl3wLPZ6nViJYr12P3IU6A51fPy1XDCiUfVu27YbEu79Vaib4EMYEt8mWjRZ+pvFI7Xb+2JjtcMgi9fUeaFN4Tyr4r6CM/MyOYcvy7aIWhfIMvHYdU26OmxkJAUxjHkhlqsqqL1ZZD3WkYAMaYXpYcF6ZQfHwIHoCUHD+wlB9Vj8Q80A5DzXVYi6rjxxrsdB+6ldtJZouXayxG0HbIQa+r3wIXx2u8Yfucbm/B9STTYAdjHYRb3ker5Sia3EZ/i53uAFrLUe0F7cZxdA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ajlSdrKywseR/gezmyIUhKvRAy5WAT7HzKBdm1l9o5M=; b=cAqFC++Y7L5eKexBWHW0ka0MlfNt09ByIzMjbQRsBLIpyPHl0m49X5HUIfZ1qbZFNLGHwtPPrE6tuGfN8XhLrr0u+v3QpT94wW1VEJC4tlyXi9j4r5BfFdpgMx0QDMGrDdbz0+Uz+jIJ1vlmSOwX5bgjemJ8NvPZE383F3Po1fE/80ehEB+SGthU7M/aPhZ0cN8EE0lGWaz9hN/q5aHFB1qwg38bF95Xw/S5Hrga2V3HuxfRgWdmFF3beRWQ8CiP3jV4U3UvEBulMuhKfkJfQHfx4yivsQWOZzOJtj7/yE0gon3H9vKwWEUMJmRW8EXkkUOPhB/YDfqpZJs6pvvVoQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=digicert.com; dmarc=pass action=none header.from=digicert.com; dkim=pass header.d=digicert.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ajlSdrKywseR/gezmyIUhKvRAy5WAT7HzKBdm1l9o5M=; b=Ei6fA84SlJuQkcskq9W4s2qDrwrLLboiV3PwkE2EPOPDvL0NruTktMu8s3k1mz4Lq+N04Cabs3Ypmacgzc4lHkioNhSIztPPZBI4ZgY9Dn+YPCJacXzF+Ghp0qkceqvF3OUKQw906JI4d2+p3fg+NC/LIuIs3dntDF/L5DLX5jvW7wNtxvb6AnTSqsZJuKswjM+51cGwYYaMWHqoeyoTRHBeE/miYKvjfGmxQONJ7MZsurQ6wlr71nLw2wXlWR/I9H2DiNd0bhPKmY5Fu9t6yr4pGrm8UgLgG691UkiQW6bux1unz3bpsVxcCcyS7KOZgGTBg7GGONNC+00plpvwjQ==
Received: from DM6PR14MB2186.namprd14.prod.outlook.com (2603:10b6:5:b6::16) by MW4PR14MB5326.namprd14.prod.outlook.com (2603:10b6:303:185::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6631.45; Wed, 2 Aug 2023 10:38:54 +0000
Received: from DM6PR14MB2186.namprd14.prod.outlook.com ([fe80::8c48:2f88:b55b:cb1c]) by DM6PR14MB2186.namprd14.prod.outlook.com ([fe80::8c48:2f88:b55b:cb1c%7]) with mapi id 15.20.6631.045; Wed, 2 Aug 2023 10:38:53 +0000
From: Corey Bonnell <Corey.Bonnell@digicert.com>
To: "spasm@ietf.org" <spasm@ietf.org>, "i-d-announce@ietf.org" <i-d-announce@ietf.org>
Thread-Topic: [lamps] I-D Action: draft-ietf-lamps-caa-issuemail-06.txt
Thread-Index: AQHZxS1BRhiB5t4RT0uucch/s7UvEa/W0CqQ
Date: Wed, 02 Aug 2023 10:38:53 +0000
Message-ID: <DM6PR14MB2186F990902F4681E6546135920BA@DM6PR14MB2186.namprd14.prod.outlook.com>
References: <169097255360.16290.16953380573279775078@ietfa.amsl.com>
In-Reply-To: <169097255360.16290.16953380573279775078@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=digicert.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR14MB2186:EE_|MW4PR14MB5326:EE_
x-ms-office365-filtering-correlation-id: e180a0b2-60f2-4081-7e5a-08db9344aab6
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 9nlUNqxcNQ6f+LCg+HbHKpCXkiHZc1xhUYpsqaBCjYtEv82ebVYd3Z16vrBS7HthhSkva4HJQikiKuhcf3ZESZPmNdKQGJJvzCKbt9n4++Xp05IxEn5cChAkAw6x3K/GF+y3+mZTLn/VUwr220heF0iLETSAEQIqfhQlm7W5rSXv5F8la4RkazRKGsPncnt/g1qBLNJ67j5wUVVqEmxoB9fNxJZXWfnh9xRyZ86bLWweVoUfpm1ywwjJOCvjpu/Y5juwWm5ZVkdcu5K5P0L7zjA9xr/bK+070YrHaAelfxhIZYZMmIwaX9qRrCiaSSBOrVCZeaNWYpewfkSJJZztZNJJqpmCSGh/lHoX8ANT1lWt1Y7OpidlDPS1clzjlj0ubWz78SEO3zA0+vNpWMEqRdyOt6o2nB+SXcwEZkcl0tZa7tHOzGBL+aYci7sv1A1HVal/WxAaR+d2HSEpeywFDXTjqol/eAeKIIN5FVRWTADRdF9DW7UxtHkWSpMMdRHZT968MJeazNj2TkKFwqDZJoa/JAphfLzPmlJlZSc3p3wcgUHudi+sD2yI4ZNlUGUmHAcSY5C6iZSI2dZFlI4PHHKEAanDB5/KcMRUXLwsHe0=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR14MB2186.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(366004)(346002)(136003)(376002)(39860400002)(396003)(451199021)(64756008)(66476007)(66946007)(66446008)(66556008)(316002)(9686003)(966005)(83380400001)(2906002)(66574015)(86362001)(38070700005)(186003)(52536014)(26005)(5660300002)(6506007)(53546011)(33656002)(99936003)(38100700002)(122000001)(41300700001)(55016003)(8936002)(8676002)(7696005)(19627235002)(110136005)(71200400001)(478600001)(450100002)(76116006); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: F6vcgagkQ60fbvluXIpKavW/nIh6ABHOWUQNFRndSNwveZ+sk0uXksdWC3c2pwRGA6grCClP+u7FUY9SS9iv31r45d03SHaAyNrsmIT3h6KqJRk/9sdAyXYXsZ3P4FDu11BCjvTQXr4mbsVvsw+Lv3XsbIpG5fbzIJJvp3/ZCnnt3CB6NJOm5oTNSxXp40We+xcYZz949eDfLFBfNTszHnKmYVc6DtxF3uTaBBGfCkGEtuMQoVdHHOTn3uXxqi2/oqiwrekra87h3xmhaDky4exI/KVtNQV3CY06kTQmz1rmET306Jnf2KvQl44K5xA6CgmCQ08z4s7+zuzUXz57KT+DY5+uaOn8CdjdixsF0VcL7LBytbK7hGiLPvOMJ+GDGDAs4uExHaqDPiL5zWzSBB0yCtDYigJv0yr7tXRW7A2CUG1HM9wxa9toOCR1xxOoiAxESz7NuVxY90pOAhiWt80rw9g2iBBW+oRd6Yl6CiWI/1zfpMHqVSW1b2Ms/dTIiDgnhsNZUAV3g2Xlzu04DM2a/vbyDspoBuGQ4I7JbYCxSfTlPigZn8Rb5F2FvVZRvsXUKilLzmxNKWkbiqsiGooYCiUPbzhtrGUiw0qgDHXZ5iuvpTwacFyikw6jZ2xFpdKfKO+ZOu3PDttpUx4LI4jBc3SddIecvFfsPZlw55vBILjjiuGKHAPSvswwqlHEj08yRqOSk7GStysZR3GWpm9dkzhszjMVF2cWGNw5DxL4+RXW1lThRtz8hfl5nc0npKM0QezoKufsgloA7lcX6Mf39YMrmgfKymEDF/0Ca2N6gUKZ/IHuSAGsR93WTPxfJOoJOwauCWaHkvZPZ+6iAuFDxAcoeUeomYmQm1Kmn8LfZO/WldcH7r0zNF3tuiDrkkSRHrGY44HcLANbUgrpRNc62pPIaiiBsYvEhRkQX9gda9bu4IcE/vJwsCtLBO086ptubOhWVCJebmBPMpHzJ3r22sgIywlkZmVwNQk27KYRs8zrhVEO7GkqHRnAqM7EkgK+oSNPI3xvU8ByL1RPeqVfut80tBgAo7P2dtDs3D962eELqNk0bmQmtcpDxIpKDeNbYcHLB1Fm+SOvxlU6yDnl/P1Re6MG0dWtHFSZpsZ/CkQpAbKZltQLGVM4UqpeZLOBioqSyv9T+Nb97QBkbc3m1LPRy4jzWAV4cu+1SvPTleGKP2M6NPEda6/1oS8l8mAYaleZ7IBqaxhXw0XvznkyyYYJhV++/kTXCvBeN7vO/m59tOW4piDKWWpPnIBXABAeNJLT5gX0Yef/KTRR7wuETjHf1gG6Np/5f8Hu6lSryq4Z645WD5jcKL3BcLRr23phc+6xnnJljo0cEHRcqKOcuYlBy5JI0G13lnNTKFZyXfdnMSLsGjQqa8667HyiEJ2ZR0Sc99H9vr7rMcRup4bUzTrXU7zBboX2d0x4nZZwp1PY6XM9j19bN78lngixL+jqrZfrfH0XAuv9M8SCNht8kY/4JmWZsYbvsWb0j5rz0F7VNrEsJ2FeoL2dPAYb+CYCQFwqnqWEDdhY9IQCpataSM34VI4AWb6/GCndsA2DwJO+PYEh9ZZrmT7SGkGm
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0006_01D9C50B.FD1A9470"
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR14MB2186.namprd14.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e180a0b2-60f2-4081-7e5a-08db9344aab6
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Aug 2023 10:38:53.3997 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: h4NmC6wAYKtAf6DvRsttU6O3Ju1Izxy17fNsyrtDzCrVVxqelAfSg5RyYQZz+YNbo74f2/ZaXwISrypz2OtcCSaWBksbtTOORGzl7yGHxIw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR14MB5326
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/2QNY4SNl_Y-agNo0dX8Ub78VMw8>
Subject: Re: [lamps] I-D Action: draft-ietf-lamps-caa-issuemail-06.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2023 10:39:00 -0000

Hello,
This is a minor update which incorporates Sean's and Éric's feedback as
noted in their reviews.

Thanks,
Corey

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of internet-drafts@ietf.org
Sent: Wednesday, August 2, 2023 6:36 AM
To: i-d-announce@ietf.org
Cc: spasm@ietf.org
Subject: [lamps] I-D Action: draft-ietf-lamps-caa-issuemail-06.txt


A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Limited Additional
Mechanisms for PKIX and SMIME (LAMPS) WG of the IETF.

   Title           : Certification Authority Authorization (CAA) Processing
for Email Addresses
   Author          : Corey Bonnell
   Filename        : draft-ietf-lamps-caa-issuemail-06.txt
   Pages           : 9
   Date            : 2023-08-02

Abstract:
   The Certification Authority Authorization (CAA) DNS resource record
   (RR) provides a mechanism for domains to express the allowed set of
   Certification Authorities (CAs) that are authorized to issue
   certificates for the domain.  RFC 8659 contains the core CAA
   specification, where Property Tags that restrict the issuance of
   certificates which certify domain names are defined.  This
   specification defines a Property Tag that grants authorization to CAs
   to issue certificates which contain the id-kp-emailProtection key
   purpose in the extendedKeyUsage extension and one or more rfc822Name
   or otherName of type id-on-SmtpUTF8Mailbox that include the domain
   name in the subjectAltName extension.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-lamps-caa-issuemail/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-lamps-caa-issuemail-06.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-lamps-caa-issuemail-06

Internet-Drafts are also available by rsync at
rsync.ietf.org::internet-drafts


_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://www.ietf.org/mailman/listinfo/spasm

v2.23.0 | Report a Bug | By Email