+1 Arguments as to whether something is new get tedious.
Sent from my iPhone > On Apr 25, 2015, at 4:05 PM, Eric Rescorla <e...@rtfm.com> wrote: > > > >> On Mon, Apr 20, 2015 at 9:11 AM, Russ Housley <hous...@vigilsec.com> wrote: >> Stephen: >> >> If that paragraph were removed, would you be happier with the charter? If >> so, consider it gone. I'm willing to assume that an attempt to replace >> things that people are using will meet with vigorous discussion. > > I would suggest we do as you propose and remove this text. I think there will > be plenty of occasion for people in the WG to argue about using existing stuff > versus building anew. > > -Ekr > >> >> Russ >> >> >> On Apr 20, 2015, at 12:05 PM, Stephen Farrell wrote: >> >> > >> > >> > On 20/04/15 16:57, Russ Housley wrote: >> >> Stephen: >> >> >> >> I did not see the ACME effort as trying to throw everything out. >> > >> > If it is not used, then I don't think we're throwing it out:-) >> > >> >> Rather, throw out the parts that have been an impediment to the kind >> >> of automation proposed by ACME, but document the shortcoming. >> > >> > Sorry, I'm still not getting it. I don't see any need for ACME >> > to document why CMP etc failed or what was wrong with CMP that >> > may have caused it to fail. And the same for CMC etc. BTW by >> > "fail" here I mean: not used by the major deployed PKIs on the >> > public Internet. >> > >> > I also see no need at all to even try to re-use ASN.1 PDU >> > structures that are defined in CRMF etc. >> > >> > I do think that ACME ought learn from the past of course, and >> > am confident that there will be enough participants involved >> > who have that history for that to not be problematic. >> > >> > But I do not think ACME ought be required to re-use any ASN.1 >> > PDU definitions from any previous RFCs on this topic. >> > >> > Do we agree or disagree on that last? (I'm trying to get to >> > quite specific meanings for "duplicate.") >> > >> > Cheers, >> > S. >> > >> > >> > >> >> >> >> Russ >> >> >> >> On Apr 20, 2015, at 11:43 AM, Stephen Farrell wrote: >> >> >> >>> >> >>> Hi Russ, >> >>> >> >>> This bit puzzles me a lot, other bits puzzle me a little:-) >> >>> >> >>> On 20/04/15 16:23, Russ Housley wrote: >> >>>> The ACME WG will not duplicate work from previous IETF >> >>>> certificate management efforts. >> >>> >> >>> If accepted, that would seem to me to nullify the entire effort. >> >>> Can you explain why I'm reading it wrong? >> >>> >> >>> ACME absolutely will duplicate work from previous IETF certificate >> >>> management efforts that have failed to get traction over the last >> >>> decade and a half. That is entirely fine IMO and needs no explicit >> >>> justification whatsoever since we have 15 years of crystal clear >> >>> non-use, outside of niche environments. (It is true that what is >> >>> now considered a niche was not so considered back then.) >> >>> >> >>> In fact I believe anyone who claims such duplication is a problem >> >>> should be the one to provide evidence for that by documenting >> >>> exactly why and at what scale. >> >>> >> >>> It is just not credible for us to pretend that CMC, CMP, or EST are >> >>> widely used for certificate management on the public Internet. If >> >>> I'm wrong there I would really love to see the evidence but absent >> >>> such, duplicating bits of functionality present in current RFCs >> >>> that are not at all widely used is what is needed for this effort >> >>> and needs to be encouraged. >> >>> >> >>> I think we really ought bottom out on this aspect before chartering >> >>> - it'd be dumb of us to charter an ACME WG that has to fight all >> >>> the CRMF battles over again, or the ASN.1 vs. whatever issues. So I >> >>> hope lots of voices chime in and say what they think. >> >>> >> >>> S. >> >>> >> >>> _______________________________________________ Acme mailing list >> >>> Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme >> >> >> >> >> >> >> >> _______________________________________________ >> Acme mailing list >> Acme@ietf.org >> https://www.ietf.org/mailman/listinfo/acme > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme