At the end of the ACME BoF, it was suggested that the next step was charter language. I took a stab at some to get the discussion going.
I did not consider milestones yet. I think it is easier to get consensus on the charter text and then discuss milestones.

Please review and comment.

Russ

= = = = = = =

Automated Certificate Management Environment (ACME)

Historically, issuance of certificates for Internet applications (e.g., web servers) has involved many manual identity validation steps by the certification authority (CA). The ACME WG will specify conventions for automated X.509 certificate management, including validation of control over an identifier, certificate issuance, certificate renewal, and certificate revocation. The initial focus of the ACME WG will be on domain name certificates (as used by web servers), but other uses of certificates can be considered as work progresses.

ACME certificate management must allow the CA to verify, in an automated manner, that the party requesting a certificate has authority over the requested identifiers, including the subject and subject alternative names. The processing must also confirm that the requesting party has access to the private key that corresponds to the public key that will appear in the certificate. All of the processing must be done in a manner that is compatible with common service deployment environments, such as hosting environments.

ACME certificate management must, in an automated manner, allow a party that has previously requested a certificate to subsequently request revocation of that certificate.

In order to facilitate deployment by CAs, the ACME protocol must be compatible with common industry standards for the operation of a CA, for example the CA/Browser Forum Baseline Requirements [0].

The ACME WG will not duplicate work from previous IETF certificate management efforts. If it is necessary to develop a replacement for previous effort, the ACME WG will document the aspects of that work that prevent it from being used for the envisioned automated tasks.

The starting point for ACME WG discussions shall be draft-barnes-acme.

[0] https://cabforum.org/wp-content/uploads/BRv1.2.3.pdf
