Greetings! This version adds Document signing per request from Richard Wang. To include this CSR type, I added a reference to RFC9336 and included the OID information for that EKU.
If CSR details are left out of the spec for a certificate type and extended key usage, a user can combine any challenge type with a CSR holding the information to obtain the desired certificate type as these are decoupled in the ACME standard. I also corrected typos from the last version. Please let me know if anyone else has additional requests or comments. Thank you! Best regards, Kathleen On Tue, Jun 17, 2025 at 8:33 PM <[email protected]> wrote: > Internet-Draft draft-ietf-acme-client-12.txt is now available. It is a work > item of the Automated Certificate Management Environment (ACME) WG of the > IETF. > > Title: ACME End User Client and Code Signing Certificates > Author: Kathleen M. Moriarty > Name: draft-ietf-acme-client-12.txt > Pages: 16 > Dates: 2025-06-17 > > Abstract: > > Automated Certificate Management Environment (ACME) core protocol > addresses the use case of web server certificates for TLS. This > document extends the ACME protocol to support service account > authentication credentials, micro-service accounts credentials, > device client, code signing, document signing certificates and keys. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-acme-client/ > > There is also an HTMLized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-acme-client-12 > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-acme-client-12 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > Acme mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Best regards, Kathleen
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
