Howdy,
I request time to present
https://datatracker.ietf.org/doc/draft-mattsson-acme-use-cases/ (focusing on
the tunnelling illustrated in Figure 3).
I think there need be be a discussion on how ACME is supposed to work in
domains with more than one web server. During the BoF Eric Rescorla
http://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00
The WG should spend some time on this; it's on the agenda. For the benefit of
the list, I asked Mike off-line if he could attend the WG meeting.
___
Acme mailing list
Another point I think should be considered on the agenda is how to use JOSE
in the spec.
I think it would be a very good idea to adopt the approach Mike Jones and
myself have been suggesting of using JOSE without base64 armoring for
authenticating requests and responses at the Web Service level.
Dealing with JOSE nuances is not germane to this WG.
Yes, JOSE has failings -- pretty much all of which were pointed out
during the JOSE WG process, and dismissed at the time. They are not
so bad, however, as to render JOSE as-is unusable. Certainly the cure
described in