> On Jun 21, 2020, at 12:28 PM, Michael Richardson <mcr+i...@sandelman.ca> wrote:
>
>
> Russ Housley <hous...@vigilsec.com> wrote:
>> One cannot send email to the character string in this specification, so
>> it should not be carried in the rfc822name.
>
> You can send email to that character string if you configure the MX.
> It was designed specifically to accommodate that.
>
> I objected at the time: I thought it was a stupid feature, that no sensible
> IKEv2 daemon was going to have to send/receive email.
>
> But, Toerless was paranoid that if we did anything at all out of the
> ordinary, that the corporate CA people, in order to protect their fiefdom,
> would freak out and throw some huge roadblock in the way of deploying the ACP.
>
> And, now have an ACME method past WGLC that does certificate validation by
> SMTP.

Looking at the email certificate enrollment work in the ACME WG (draft-ietf-acme-email-smime-08), I have a hard time seeing how the device that knows the private key could participate in such a protocol. How do you see it working?

Russ
_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima