Hi,
I am exploring the idea of using ACME for issuing certificates for
endpoints using the Pre-Authorization process, and I have a question about
that process.
I reviewed the editor's version published May 22, 2017.
Section 7.4.1. Pre-Authorization states that after the client sends a
request a
I do not believe that I got an answer to my pre-authorization question here:
https://www.ietf.org/mail-archive/web/acme/current/msg01991.html
What would be the response of the server if the client sends the
certificate issuance request after it sends the pre-authorization request
but
before it com
On Mon, Jun 26, 2017 at 5:11 PM, Jacob Hoffman-Andrews wrote:
> On 06/07/2017 05:50 AM, Rifaat Shekh-Yusef wrote:
> > What is the expected behavior of the server if the client sends the
> > certificate issuance request after it sends the pre-authorization
> > request but
&g
On Tue, Jun 27, 2017 at 2:29 PM, Jacob Hoffman-Andrews wrote:
> On 06/27/2017 05:15 AM, Rifaat Shekh-Yusef wrote:
>
>
>
>> The server would create an order object with one or more
>> authorizations objects that need to be fulfilled.
>
>
> My point is that the pr
> On Fri, Jun 23, 2017 at 3:33 PM, Rifaat Shekh-Yusef > wrote:
>
>> I do not believe that I got an answer to my pre-authorization question
>> here:
>> https://www.ietf.org/mail-archive/web/acme/current/msg01991.html
>>
>> What would be the response of the ser
What about the payload? would you return "challenges" or "authorization?
Regards,
Rifaat
On Tue, Jul 18, 2017 at 8:49 PM, Jacob Hoffman-Andrews wrote:
> On 07/18/2017 10:13 AM, Rifaat Shekh-Yusef wrote:
>
> Hi Richard,
>
> Take a look at the followin
-- Forwarded message -
From:
Date: Sat, Jan 12, 2019 at 12:34 PM
Subject: New Version Notification for
draft-yusef-acme-3rd-party-device-attestation-00.txt
To: Rifaat Shekh-Yusef
A new version of I-D, draft-yusef-acme-3rd-party-device-attestation-00.txt
has been successfully submitted by Rifaat
I was hoping to present and discuss the following new draft in Prague and
before closing this WG.
https://datatracker.ietf.org/doc/draft-yusef-acme-3rd-party-device-attestation/
Regards,
Rifaat
On Tue, Jan 15, 2019 at 12:31 PM Richard Barnes wrote:
> I hold out hope that we can have the WG cl
I have submitted the draft and sent an email to the list only few days ago,
so I would like first give the WG a chance to review it and
provide feedback.
Regards,
Rifaat
On Tue, Jan 15, 2019 at 12:53 PM Salz, Rich wrote:
> We have more than a month to discuss the draft here on the mailing
Thanks Ilari,
Please, see me reply inline...
Regards,
Rifaat
On Tue, Jan 15, 2019 at 1:13 PM Ilari Liusvaara
wrote:
> On Sat, Jan 12, 2019 at 12:38:59PM -0500, Rifaat Shekh-Yusef wrote:
> > Hi,
> >
> > I have submitted the draft below that defines a mechanism to automa
Thanks Ryan,
Please, see my reply inline...
Regards,
Rifaat
On Tue, Jan 15, 2019 at 2:56 PM Ryan Sleevi wrote:
>
>
> On Tue, Jan 15, 2019 at 1:58 PM Rifaat Shekh-Yusef
> wrote:
>
>> The proposed mechanism does not suggest the CA perform a domain
>> validation
-acme-3rd-party-device-attestation-01.txt
To: Rifaat Shekh-Yusef
A new version of I-D, draft-yusef-acme-3rd-party-device-attestation-01.txt
has been successfully submitted by Rifaat Shekh-Yusef and posted to the
IETF repository.
Name: draft-yusef-acme-3rd-party-device-attestation
helps.
I will try to expand on this in the next version of the document.
Regards,
Rifaat
On Wed, Jan 16, 2019 at 4:15 PM Ilari Liusvaara
wrote:
> On Wed, Jan 16, 2019 at 03:32:57PM -0500, Rifaat Shekh-Yusef wrote:
> > All,
> >
> > I have just submitted new updated version
he lines of
> [2], to just define a token type and maybe an identifier type.
>
> --Richard
>
> [1] https://tools.ietf.org/html/draft-ietf-acme-authority-token
> [2]
> https://tools.ietf.org/wg/acme/draft-ietf-acme-authority-token-tnauthlist/
>
> On Wed, Jan 16, 2019 at 12:33 PM Rifaa
spatch
> process.
>
> On Thu, Jan 17, 2019 at 12:49 Rifaat Shekh-Yusef
> wrote:
>
>> Thanks Richard,
>>
>> The redirection is not critical part, and your explanation makes sense.
>> I looked at the "authority token" documents a while ago; I will take a
>
type and maybe an identifier type.
>
> --Richard
>
> [1] https://tools.ietf.org/html/draft-ietf-acme-authority-token
> [2]
> https://tools.ietf.org/wg/acme/draft-ietf-acme-authority-token-tnauthlist/
>
> On Wed, Jan 16, 2019 at 12:33 PM Rifaat Shekh-Yusef
> wrote:
&g
Inline...
On Wed, Jan 23, 2019 at 3:07 PM Richard Barnes wrote:
> Inline.
>
> On Sun, Jan 20, 2019 at 3:04 PM Rifaat Shekh-Yusef
> wrote:
>
>> I looked at the TNAuthList draft, and as far as I understand, the
>> framework seems
>> a bit different from this pro
Thanks for the review and feedback, James.
See my reply inline below.
Regards,
Rifaat
On Thu, Jan 24, 2019 at 8:27 PM Manger, James <
james.h.man...@team.telstra.com> wrote:
> I’m confused about what is desired with
> draft-yusef-acme-3rd-party-device-attestation, but I think it may be quite
>
James,
"That way the ACME CA doesn’t need to know anything about the device
attestation."
No, the ACME CA would need to validate the JWT provided by the Device
Authority.
Regards,
Rifaat
On Fri, Jan 25, 2019 at 8:06 AM Rifaat Shekh-Yusef
wrote:
> Thanks for the review and fe
Rich,
How much time is allocated to these items?
Regards,
Rifaat
On Tuesday, March 19, 2019, Salz, Rich wrote:
> The agenda has been posted to https://datatracker.ietf.org/
> meeting/104/session/acme It is also below.
>
>
>
> If you want to volunteer before the meeting to do Jabber and/or m
t 40 minutes) is for
> device attestation and client certs.
>
> Sent from my phone
> ----------
> *From:* Rifaat Shekh-Yusef
> *Sent:* Thu Mar 21 13:18:59 GMT+02:00 2019
> *To:* "Salz, Rich"
> *Cc:* "acme@ietf.org"
> *Subject:* Re: [Acme
Hi Richard,
I was not aware of the ANIMA work before the meeting in Prague, so I will
definitely look into that in details.
One use case that I have in mind is a way to make sure that a specific
device can only be used by a specific party.
If you rely on RP to request identities for the device, t
Friel (ofriel)
wrote:
> Hi Rifaat,
>
> Inline.
>
>
>
> *From:* Rifaat Shekh-Yusef
> *Sent:* 17 April 2019 20:37
> *To:* Richard Barnes
> *Cc:* IETF ACME ; Owen Friel (ofriel)
> *Subject:* Re: Use cases / trust model for device certs
>
>
>
> Hi Richa
23 matches
Mail list logo