[Acme] Fwd: New Version Notification for draft-yusef-acme-3rd-party-device-attestation-01.txt

2019-01-16 Thread Rifaat Shekh-Yusef
All, I have just submitted a new updated version to address the issues raised by Ilari and Ryan. I would appreciate any more reviews and comments. Regards, Rifaat -- Forwarded message - From: Date: Wed, Jan 16, 2019 at 3:28 PM Subject: New Version Notification for draft-yusef-ac

Re: [Acme] Fwd: New Version Notification for draft-yusef-acme-3rd-party-device-attestation-01.txt

2019-01-16 Thread Ilari Liusvaara
On Wed, Jan 16, 2019 at 03:32:57PM -0500, Rifaat Shekh-Yusef wrote: > All, > > I have just submitted a new updated version to address the issues raised by > Ilari and Ryan. > I would appreciate any more reviews and comments. > > -- Forwarded message - > Name: draft-yusef-a

Re: [Acme] AD Review: draft-ietf-acme-star-04

2019-01-16 Thread Diego R. Lopez
Hi, There is a Boulder-based full implementation (including the delegation mechanisms in draft-ietf-acme-star-delegation) available on GitHub: https://github.com/mami-project/lurk (the repository is called “lurk” and not “star” for purely historical reasons). It has been used in several demos

Re: [Acme] Fwd: New Version Notification for draft-yusef-acme-3rd-party-device-attestation-01.txt

2019-01-16 Thread Rifaat Shekh-Yusef
Thanks Ilari, Section 2.4 is an informative section that is meant to provide a high-level view of the full flow. Remember that the assumption is that the Client already has an account with ACME and already proved it controls customer.com domain. The first request in this flow will be the same as def

Re: [Acme] Fwd: New Version Notification for draft-yusef-acme-3rd-party-device-attestation-01.txt

2019-01-16 Thread Richard Barnes
It seems like the core of this draft is identifier delegation. Namely, the CA recognizes the DA as an authority for a certain identifier space (e.g., the first few octets of a MAC address), and the JWT delegates permission to issue certificates for some identifier in that space to the Client. Giv