Yes,everyone should be polite.
Best Regards Richard Wang From: Deb Cooley <[email protected]> Sent: Sunday, July 27, 2025 5:50 PM To: [email protected] Cc: Michael Richardson <[email protected]>; IETF ACME <[email protected]> Subject: [Acme] Re: Personal review of draft-ietf-acme-client This is a warning that we need to be polite. What Michael means is that acme and est do not serve the same purpose. They are not interchangeable. Please be sure you understand which protocol fits your needs best. If you are attempting to register devices, then est may be better for you. There is, in fact, a draft called acme integrations which is sitting in the editors queue which gives a way to stitch acme and est together. Sadly that draft is still waiting for other drafts to progress (looking at you MCR). If you need some of the challenges in the current acme client draft, will you agree to help to author? review? review other acme drafts? Deb Sec AD On Sat, Jul 26, 2025 at 5:06 AM <[email protected] <mailto:[email protected]> > wrote: The facility is the worldwide ACME provider, not just Let's Encrypt. ZoTrus is an ACME provider, just need to add difference challenge, then we can provide other type certificate automation except TLS/SSL certificate. This word is also suitable for you "Please make sure you understand this deeply, or you will be very disappointed." Richard -----Original Message----- From: Michael Richardson <[email protected] <mailto:mcr%[email protected]> > Sent: Friday, July 25, 2025 9:56 PM To: [email protected] <mailto:[email protected]> ; 'IETF ACME' <[email protected] <mailto:[email protected]> > Subject: Re: [Acme] Re: Personal review of draft-ietf-acme-client <[email protected] <mailto:[email protected]> > wrote: > I mean ACME is already widely deployed in TLS/SSL certificate, it > issued more 20B certificates now. Not really relevant. It has issued no client certificates. (At least, none intended for that use, even if some are used that way) > So we can use the worldwide ACME facility for other type certificate > automation, just need to add challenge type, this is EST don’t have. By this, perhaps you mean the LetsEncrypt infrastructure, (and the certbot client). This infrastructure is not useable for client certificates **as is** Could it be changed? Of course: write LE a big enough checque. I'm sorry about this. I wish it could sing *and* dance. So, it's not going to help with this. Please make sure you understand this deeply, or you will be very disappointed. -- Michael Richardson <[email protected] <mailto:mcr%[email protected]> >, Sandelman Software Works -= IPv6 IoT consulting =- *I*LIKE*TRAINS* _______________________________________________ Acme mailing list -- [email protected] <mailto:[email protected]> To unsubscribe send an email to [email protected] <mailto:[email protected]>
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
