[lamps] Fwd: New Version Notification for draft-shoemaker-caa-ip-00.txt
Roland Shoemaker <roland@letsencrypt.org> Tue, 12 September 2017 00:06 UTC
Return-Path: <roland@letsencrypt.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75B2313202D for <spasm@ietfa.amsl.com>; Mon, 11 Sep 2017 17:06:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KfzT1JFK001G for <spasm@ietfa.amsl.com>; Mon, 11 Sep 2017 17:06:55 -0700 (PDT)
Received: from mail-pg0-x235.google.com (mail-pg0-x235.google.com [IPv6:2607:f8b0:400e:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 395D3129C41 for <spasm@ietf.org>; Mon, 11 Sep 2017 17:06:55 -0700 (PDT)
Received: by mail-pg0-x235.google.com with SMTP id j16so7906253pga.1 for <spasm@ietf.org>; Mon, 11 Sep 2017 17:06:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; h=subject:references:to:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=VB0HszD67XTLRef14n882Uemwp+LsK466dFkqk4iw3s=; b=cEtDyHESRlKR0HEeAz/yPxsOYld/oULyOrs6eb3yM1/e1RU+AiLFk5KZQONgX1Df4l w66ecDy1s470c7yrWXWfP/ghAMn67LtfotkDxS8n4z8fMS/EclvtfSMzgeAv50g9EkN4 uoLkB0Z+q+Kf4jj3rOfQnOcRK1Hz6PdFt/BtA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=VB0HszD67XTLRef14n882Uemwp+LsK466dFkqk4iw3s=; b=dRTIplPiozfvAj2EQ3NO3ldTkPS3eyx9VcuKaYtiz7HAkP3t/GpH7RWnckf/l4yrgS ZfrsgCU+4U1ByF2A0CblB7zsxV/Yl65Q0OeyKesI5LHSjSmyEbxemv1qiyrGfY10REQU PLn/ut+fxS4mSOoBnEV54TuB2v6dZSfE48SfMmD9QnuDEJpz2i5hOTDSXsBHHVkbtfEe OqQKnuZvGSD72UQMFCiCromoFdhoa0hrYp14ctpnpLddVKGLSNYnOTp82bHSBvm+RTyE EAUzCbAH7ktXzCd70ew7yv/1Qu9IBo4wG+SFrtWSCNU7nvKMTggK8etaLweGMCgn/dMB UB+Q==
X-Gm-Message-State: AHPjjUgwFGgEfUPoTS+91P0dlD2Z5G6OdJBqofiPxtVojjOlJFO+eXzV XyiO3gdrNESgQYaVl3N9KA==
X-Google-Smtp-Source: ADKCNb4ITRumQ6m4k1wQc8RKoMpwxFLIgDWUH2LnEoSLucQ4Ry/g6gi2VYphpTSGb6VLjYYsclNKUg==
X-Received: by 10.84.210.73 with SMTP id z67mr15482770plh.306.1505174814456; Mon, 11 Sep 2017 17:06:54 -0700 (PDT)
Received: from [10.120.0.195] (eff.static.monkeybrains.net. [208.90.213.162]) by smtp.gmail.com with ESMTPSA id c2sm17723260pgq.61.2017.09.11.17.06.53 for <spasm@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 11 Sep 2017 17:06:53 -0700 (PDT)
References: <150517397019.4116.4492139524663168926.idtracker@ietfa.amsl.com>
To: spasm@ietf.org
From: Roland Shoemaker <roland@letsencrypt.org>
X-Forwarded-Message-Id: <150517397019.4116.4492139524663168926.idtracker@ietfa.amsl.com>
Message-ID: <95e2ac38-9d9c-f362-cb18-f6fe005e37c1@letsencrypt.org>
Date: Mon, 11 Sep 2017 17:06:53 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <150517397019.4116.4492139524663168926.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/uM1OmAPh8xT2jbriTDXPpR5pqzQ>
Subject: [lamps] Fwd: New Version Notification for draft-shoemaker-caa-ip-00.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Sep 2017 00:06:57 -0000
Recent work in the ACME WG on implementing validation mechanisms for IP addresses (draft-ietf-acme-ip) brought up the issue that there is currently no way for owners of IP addresses to programmatically restrict issuance of certificates for those identifiers. CAA seems like the most obvious mechanism but the algorithm defined in RFC 6844 is only applicable to DNS names. This draft defines a basic lookup mechanism for CAA records for IP addresses. I'd be very interested in the WG's thoughts on this document and opinions on if LAMPS would be the right place for it to be worked on. Thanks, Roland -------- Forwarded Message -------- Subject: New Version Notification for draft-shoemaker-caa-ip-00.txt Date: Mon, 11 Sep 2017 16:52:50 -0700 From: internet-drafts@ietf.org To: Roland Bracewell Shoemaker <roland@letsencrypt.org>, Roland Shoemaker <roland@letsencrypt.org> A new version of I-D, draft-shoemaker-caa-ip-00.txt has been successfully submitted by Roland Bracewell Shoemaker and posted to the IETF repository. Name: draft-shoemaker-caa-ip Revision: 00 Title: Certification Authority Authorization (CAA) Validation for IP Addresses Document date: 2017-09-11 Group: Individual Submission Pages: 4 URL: https://www.ietf.org/internet-drafts/draft-shoemaker-caa-ip-00.txt Status: https://datatracker.ietf.org/doc/draft-shoemaker-caa-ip/ Htmlized: https://tools.ietf.org/html/draft-shoemaker-caa-ip-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-shoemaker-caa-ip-00 Abstract: The Certification Authority Authorization (CAA) RFC specifies a method for users to restrict which Certificate Authorities (CAs) are authorized to issue certificates for their DNS domain names. This document extends that specification to provide a method for holders of IP addresses to do the same. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
- [lamps] Fwd: New Version Notification for draft-s… Roland Shoemaker