If I understood this compromise proposal, that implies to put STAR out of play… Or am I missing something?
-- "Esta vez no fallaremos, Doctor Infierno" Dr Diego R. Lopez Telefonica I+D https://www.linkedin.com/in/dr2lopez/ e-mail: diego.r.lo...@telefonica.com<mailto:diego.r.lo...@telefonica.com> Tel: +34 913 129 041 Mobile: +34 682 051 091 ---------------------------------- On 09/10/2018, 16:46, "Acme on behalf of Richard Barnes" <acme-boun...@ietf.org<mailto:acme-boun...@ietf.org> on behalf of r...@ipv.sx<mailto:r...@ipv.sx>> wrote: So here's the compromise I would propose: 1. Remove GET for certificates. I think this is a mistake, but I can grant that it's clunky as-is, and it will be straightforward to re-add it later if it's needed. 2. Keep the security considerations about capability URLs and the randomized examples. Those are needed for the correlation concerns regardless of GET. In units of PRs, I think that means: - Merge #459 (remove GET for certificates) - Merge #460 (randomize URLs) - Close #462 (meta flag for GET; obsoleted by #459) - Close #457 (remove recommendation for capability URLs; obsoleted by #459) Jacob, Daniel: How does that strike you? --Richard On Tue, Oct 9, 2018 at 10:32 AM Daniel McCarney <c...@letsencrypt.org<mailto:c...@letsencrypt.org>> wrote: I am also opposed to this change. I think it is a clunky solution and there hasn't been convincing justification of why the base ACME draft needs to carry this complexity instead of having STAR add the extensions it requires. On Mon, Oct 8, 2018 at 3:27 PM Jacob Hoffman-Andrews <j...@eff.org<mailto:j...@eff.org>> wrote: > > https://github.com/ietf-wg-acme/acme/pull/462<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ietf-2Dwg-2Dacme_acme_pull_462&d=DwMCaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=zJkImRuZ93rmhcDQ-zHtt5LOUgwqtl2aszwdEpSC0-w&s=zCXMvIeBxWA73LLbBDMobFZR09mkRMCUrP9bM5v_ylk&e=> I'm opposed to this change. It's better for STAR to just extend the Order object with a new "gettableCert" URL field. Less complex. _______________________________________________ Acme mailing list Acme@ietf.org<mailto:Acme@ietf.org> https://www.ietf.org/mailman/listinfo/acme _______________________________________________ Acme mailing list Acme@ietf.org<mailto:Acme@ietf.org> https://www.ietf.org/mailman/listinfo/acme ________________________________ Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
