Re: [Acme] IETF 107; agenda
Salz, Rich wrote: > Yaron and I cannot attend and will be remote. We have volunteers to > act as chairs for us (on CC). Looking at the list below, it seems > reasonable to cancel our session. PLEASE POST IF YOU DISAGREE. Of > course "they" may decide to cancel anyway, but please post your > opinion here. Hi, if you are going to cancel (I would prefer NOT to), then please schedule a virtual interim for early April to replace it. > draft-ietf-acme-authority-token-04, ACME Challenges Using an Authority Token -and- > draft-ietf-acme-authority-token-tnauthlist-05, TNAuthList profile of ACME Authority Token > Any update from the authors? Is this ready for WGLC? > This has never had much in-person discussion, and the domain expertise is in STIR I have read this document when it came up in STIR, and I don't think that here is much to say about this. Is there feedback from implementers? I don't think that this needs face time to advance. > draft-ietf-acme-client-00, ACME End User Client and Code Signing Certificates > Any updates? This was recently adopted by the WG. no idea. > draft-ietf-acme-integrations-00, ACME Integrations > Michael Richardson can present. I was given some slides (wasn't I Owen? Or did you just say that you'd send some), and the major item was to clarify the changes that were made based comments. I think that there isn't much to say. I have running code that integrates ACME with a BRSKI Registrar. > draft-friel-acme-subdomains-02 > Michael Richardson can present; this is a topic for WG adoption At first, I think that we thought that this work required no standard action, because it was within the server's policy to do this or not. However, the client may not know the server's policy, and so section 5 adds the basedomain and implicitSubdomainAuthorization boolean. If it comes back false (or missing), then the client knows it has to perform authorizations for every request (which is what my code above does). I think that the WG previously expressed interest in adopting it, pending some changes, and those changes are made. It may not need actual WG time, except that having it on a schedule sometimes gets a document read :-) > draft-ietf-acme-email-smime-06, Extensions to Automatic Certificate > Management Environment for end user S/MIME certificates > Any updates? Ready for WGLC? > draft-ietf-acme-star-delegation-03, An ACME Profile for Generating Delegated STAR Certificates > Yaron just pushed a new update. Does this need F2F time? The main > document (draft-ietf-acme-star-11, Support for Short-Term, > Automatically-Renewed (STAR) Certificates in Automated Certificate > Management Environment (ACME) is already in IESG review and probably > wants this one to be in the same bundle.) I think both are ready to be adopted. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] I-D Action: draft-ietf-acme-authority-token-05.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment WG of the IETF. Title : ACME Challenges Using an Authority Token Authors : Jon Peterson Mary Barnes David Hancock Chris Wendt Filename: draft-ietf-acme-authority-token-05.txt Pages : 12 Date: 2020-03-09 Abstract: Some proposed extensions to the Automated Certificate Management Environment (ACME) rely on proving eligibility for certificates through consulting an external authority that issues a token according to a particular policy. This document specifies a generic Authority Token challenge for ACME which supports subtype claims for different identifiers or namespaces that can be defined separately for specific applications. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-acme-authority-token/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-acme-authority-token-05 https://datatracker.ietf.org/doc/html/draft-ietf-acme-authority-token-05 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-authority-token-05 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
Re: [Acme] IETF 107; agenda
It would not be the first time people confused Yoav and myself. I am honored... Yaron (me) is not planning to be there, I am banned by both my company and my government. Re: STAR, Rich didn't get it completely right: the base STAR is in AUTH48 and might actually get published in the next day or two. STAR Delegation has made lots of progress since the last meeting, but personally (I have not consulted with my coauthors) I think is not ready for LC yet. I'll be happy to present the progress remotely, if the meeting does happen. Thanks, Yaron On 3/9/20, 19:42, "Salz, Rich" wrote: That is what I get for looking at the "new draft" email from Yaron while writing mail to ACME. Ooops. On 3/9/20, 1:34 PM, "Yoav Nir" wrote: …and Yoav won’t be there either. No idea about Yaron. > On 9 Mar 2020, at 17:11, Salz, Rich wrote: > > Yaron and I cannot attend and will be remote. We have volunteers to act as chairs for us (on CC). Looking at the list below, it seems reasonable to cancel our session. PLEASE POST IF YOU DISAGREE. Of course "they" may decide to cancel anyway, but please post your opinion here. > > Let’s look at the documents in our queue and see which need time at IETF 107. See https://datatracker.ietf.org/wg/acme/documents/ to link to the document. > > draft-ietf-acme-authority-token-04, ACME Challenges Using an Authority Token -and- > draft-ietf-acme-authority-token-tnauthlist-05, TNAuthList profile of ACME Authority Token > Any update from the authors? Is this ready for WGLC? > This has never had much in-person discussion, and the domain expertise is in STIR > > draft-ietf-acme-client-00, ACME End User Client and Code Signing Certificates > Any updates? This was recently adopted by the WG. > > draft-ietf-acme-integrations-00, ACME Integrations > Michael Richardson can present. > > draft-friel-acme-subdomains-02 > Michael Richardson can present; this is a topic for WG adoption > > draft-ietf-acme-email-smime-06, Extensions to Automatic Certificate Management Environment for end user S/MIME certificates > Any updates? Ready for WGLC? > > draft-ietf-acme-star-delegation-03, An ACME Profile for Generating Delegated STAR Certificates > Yaron just pushed a new update. Does this need F2F time? The main document (draft-ietf-acme-star-11, Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME) is already in IESG review and probably wants this one to be in the same bundle.) > > > ___ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] I-D Action: draft-ietf-acme-authority-token-tnauthlist-06.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment WG of the IETF. Title : TNAuthList profile of ACME Authority Token Authors : Chris Wendt David Hancock Mary Barnes Jon Peterson Filename: draft-ietf-acme-authority-token-tnauthlist-06.txt Pages : 14 Date: 2020-03-09 Abstract: This document defines a profile of the Automated Certificate Management Environment (ACME) Authority Token for the automated and authorized creation of certificates for VoIP Telephone Providers to support Secure Telephony Identity (STI) using the TNAuthList defined by STI certificates. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-acme-authority-token-tnauthlist/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-acme-authority-token-tnauthlist-06 https://datatracker.ietf.org/doc/html/draft-ietf-acme-authority-token-tnauthlist-06 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-authority-token-tnauthlist-06 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
Re: [Acme] IETF 107; agenda
That is what I get for looking at the "new draft" email from Yaron while writing mail to ACME. Ooops. On 3/9/20, 1:34 PM, "Yoav Nir" wrote: …and Yoav won’t be there either. No idea about Yaron. > On 9 Mar 2020, at 17:11, Salz, Rich wrote: > > Yaron and I cannot attend and will be remote. We have volunteers to act as chairs for us (on CC). Looking at the list below, it seems reasonable to cancel our session. PLEASE POST IF YOU DISAGREE. Of course "they" may decide to cancel anyway, but please post your opinion here. > > Let’s look at the documents in our queue and see which need time at IETF 107. See https://datatracker.ietf.org/wg/acme/documents/ to link to the document. > > draft-ietf-acme-authority-token-04, ACME Challenges Using an Authority Token -and- > draft-ietf-acme-authority-token-tnauthlist-05, TNAuthList profile of ACME Authority Token > Any update from the authors? Is this ready for WGLC? > This has never had much in-person discussion, and the domain expertise is in STIR > > draft-ietf-acme-client-00, ACME End User Client and Code Signing Certificates > Any updates? This was recently adopted by the WG. > > draft-ietf-acme-integrations-00, ACME Integrations > Michael Richardson can present. > > draft-friel-acme-subdomains-02 > Michael Richardson can present; this is a topic for WG adoption > > draft-ietf-acme-email-smime-06, Extensions to Automatic Certificate Management Environment for end user S/MIME certificates > Any updates? Ready for WGLC? > > draft-ietf-acme-star-delegation-03, An ACME Profile for Generating Delegated STAR Certificates > Yaron just pushed a new update. Does this need F2F time? The main document (draft-ietf-acme-star-11, Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME) is already in IESG review and probably wants this one to be in the same bundle.) > > > ___ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
Re: [Acme] IETF 107; agenda
…and Yoav won’t be there either. No idea about Yaron. > On 9 Mar 2020, at 17:11, Salz, Rich wrote: > > Yaron and I cannot attend and will be remote. We have volunteers to act as > chairs for us (on CC). Looking at the list below, it seems reasonable to > cancel our session. PLEASE POST IF YOU DISAGREE. Of course "they" may > decide to cancel anyway, but please post your opinion here. > > Let’s look at the documents in our queue and see which need time at IETF 107. > See https://datatracker.ietf.org/wg/acme/documents/ to link to the document. > > draft-ietf-acme-authority-token-04, ACME Challenges Using an Authority Token > -and- > draft-ietf-acme-authority-token-tnauthlist-05, TNAuthList profile of ACME > Authority Token > Any update from the authors? Is this ready for WGLC? > This has never had much in-person discussion, and the domain expertise > is in STIR > > draft-ietf-acme-client-00, ACME End User Client and Code Signing Certificates > Any updates? This was recently adopted by the WG. > > draft-ietf-acme-integrations-00, ACME Integrations > Michael Richardson can present. > > draft-friel-acme-subdomains-02 > Michael Richardson can present; this is a topic for WG adoption > > draft-ietf-acme-email-smime-06, Extensions to Automatic Certificate > Management Environment for end user S/MIME certificates > Any updates? Ready for WGLC? > > draft-ietf-acme-star-delegation-03, An ACME Profile for Generating Delegated > STAR Certificates > Yaron just pushed a new update. Does this need F2F time? The main > document (draft-ietf-acme-star-11, Support for Short-Term, > Automatically-Renewed (STAR) Certificates in Automated Certificate Management > Environment (ACME) is already in IESG review and probably wants this one to > be in the same bundle.) > > > ___ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] IETF 107; agenda
Yaron and I cannot attend and will be remote. We have volunteers to act as chairs for us (on CC). Looking at the list below, it seems reasonable to cancel our session. PLEASE POST IF YOU DISAGREE. Of course "they" may decide to cancel anyway, but please post your opinion here. Let’s look at the documents in our queue and see which need time at IETF 107. See https://datatracker.ietf.org/wg/acme/documents/ to link to the document. draft-ietf-acme-authority-token-04, ACME Challenges Using an Authority Token -and- draft-ietf-acme-authority-token-tnauthlist-05, TNAuthList profile of ACME Authority Token Any update from the authors? Is this ready for WGLC? This has never had much in-person discussion, and the domain expertise is in STIR draft-ietf-acme-client-00, ACME End User Client and Code Signing Certificates Any updates? This was recently adopted by the WG. draft-ietf-acme-integrations-00, ACME Integrations Michael Richardson can present. draft-friel-acme-subdomains-02 Michael Richardson can present; this is a topic for WG adoption draft-ietf-acme-email-smime-06, Extensions to Automatic Certificate Management Environment for end user S/MIME certificates Any updates? Ready for WGLC? draft-ietf-acme-star-delegation-03, An ACME Profile for Generating Delegated STAR Certificates Yaron just pushed a new update. Does this need F2F time? The main document (draft-ietf-acme-star-11, Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME) is already in IESG review and probably wants this one to be in the same bundle.) ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
