This is a great move for client certificate (except S/MIME certificate) and code signing certificate. I suggest adding Document signing certificate ACME support. Adobe required the document signing certificate must be securely stored in HSM like code signing certificate, so we can use the same challenge types here to document signing certificate, just need to add the statement that it is appliable to Document Signing certificate. Thanks.
Richard Wang -----Original Message----- From: [email protected] <[email protected]> Sent: Wednesday, May 28, 2025 10:05 PM To: [email protected] Cc: [email protected] Subject: [Acme] I-D Action: draft-ietf-acme-client-10.txt Internet-Draft draft-ietf-acme-client-10.txt is now available. It is a work item of the Automated Certificate Management Environment (ACME) WG of the IETF. Title: ACME End User Client and Code Signing Certificates Author: Kathleen M. Moriarty Name: draft-ietf-acme-client-10.txt Pages: 16 Dates: 2025-05-28 Abstract: Automated Certificate Management Environment (ACME) core protocol addresses the use case of web server certificates for TLS. This document extends the ACME protocol to support service account authentication credentials, micro-service accounts credentials, device client, and code signing certificates and keys. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-acme-client/ There is also an HTMLized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-acme-client-10 A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-acme-client-10 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
