Hi ACME WG, We have updated the draft related to stir use of authority token specific to JWTClaimConstraints in ACME. I presented this at the last ACME IETF122 meeting and got some support, but also presented it at the STIR WG meeting and got good support there and will continue to keep the experts in the STIR wg in the loop of this document.
I would like to ask the working group to consider WG adoption. Like I mentioned, I think this is a straight forward profile document that is likely mostly complete for authority token and follows the same pattern as TNAuthList for the other RFC8226 defined certificate extension JWTClaimConstraints. Chairs, would appreciate your support for asking for Working Group adoption. Thanks! -Chris > Begin forwarded message: > > From: [email protected] > Subject: New Version Notification for > draft-wendt-acme-authority-token-jwtclaimcon-01.txt > Date: June 13, 2025 at 8:38:08 AM EDT > To: "Chris Wendt" <[email protected]>, "David Hancock" > <[email protected]> > > A new version of Internet-Draft > draft-wendt-acme-authority-token-jwtclaimcon-01.txt has been successfully > submitted by Chris Wendt and posted to the > IETF repository. > > Name: draft-wendt-acme-authority-token-jwtclaimcon > Revision: 01 > Title: JWTClaimConstraints profile of ACME Authority Token > Date: 2025-06-13 > Group: Individual Submission > Pages: 16 > URL: > https://www.ietf.org/archive/id/draft-wendt-acme-authority-token-jwtclaimcon-01.txt > Status: > https://datatracker.ietf.org/doc/draft-wendt-acme-authority-token-jwtclaimcon/ > HTMLized: > https://datatracker.ietf.org/doc/html/draft-wendt-acme-authority-token-jwtclaimcon > Diff: > https://author-tools.ietf.org/iddiff?url2=draft-wendt-acme-authority-token-jwtclaimcon-01 > > Abstract: > > This document defines an authority token profile for handling the > validation of JWTClaimConstraints and EnhancedJWTClaimConstraints. > This profile follows the model established in Authority Token for the > validation of TNAuthList but is specifically tailored for the > JWTClaimConstraints certificate extensions. The profile enables > validation and challenge processes necessary to support certificates > containing both TNAuthList and JWTClaimConstraints, particularly in > the context of Secure Telephone Identity (STI). > > > > The IETF Secretariat > >
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
