Hi folks, As the WG approaches last-call on ACME draft-07[0] I wanted to get a sense of which portions of the spec have been implemented and which haven't.
In particular I'd like to hear if anyone has implemented: * External Account Binding (Section 7.3.5) * Pre-Authorization for Order based issuance (Section 7.4.1) * The Out-of-Band Challenge type (Section 8.6) Let's Encrypt has made good progress on draft-07 server implementation but has no plans to implement the above three features. It would be nice to hear someone has running code for these protions of spec. Ignoring the above three items Let's Encrypt has implemented the core portions of draft-07 in Pebble[1]. It's presently using the pro-active issuance method described in draft-07. It does not support key change or revocation but is ready to be used by clients. There is an integration test client[2] based on Certbot's ACME python module and ACME4j has an experimental branch[3] capable of issuing certificates from Pebble. Let's Encrypt has also made significant progress implementing draft-07 in Boulder[4], the production Let's Encrypt CA software, but it is not yet ready for use by clients. This implementation does include key change and revocation but does **not** use pro-active issuance. I began a separate thread[5] for the order finalization approach that we have started to implement for Boulder. Pebble will be updated to use this issuance approach in place of pro-active issuance shortly. Are there any other servers or clients out there that are speaking draft-07 ACME and using order based issuance? - Daniel / cpu [0]: https://tools.ietf.org/html/draft-ietf-acme-acme-07 [1]: https://github.com/letsencrypt/pebble [2]: https://github.com/letsencrypt/boulder/blob/e2cc6fbe682dd5d49da32c2357838b0cc831f10f/test/chisel2.py [3]: https://github.com/shred/acme4j/tree/draft [4]: https://github.com/letsencrypt/boulder [5]: https://mailarchive.ietf.org/arch/msg/acme/DIjJEB06J5cFyuOlGPVcY2I51vg
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme