A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Automated Certificate Management Environment
WG of the IETF.
Title : An ACME Profile for Generating Delegated Certificates
Authors : Yaron Sheffer
Diego López
Antonio Agustín Pastor Perales
Thomas Fossati
Filename : draft-ietf-acme-star-delegation-07.txt
Pages : 44
Date : 2021-03-26
Abstract:
This memo defines a profile of the Automatic Certificate Management
Environment (ACME) protocol by which the owner of an identifier
(e.g., a domain name) can allow a third party to obtain an X.509
certificate such that the certificate subject is the delegated
identifier while the certified public key corresponds to a private
key controlled by the third party. A primary use case is that of a
Content Delivery Network (CDN, the third party) terminating TLS
sessions on behalf of a content provider (the owner of a domain
name). The presented mechanism allows the owner of the identifier to
retain control over the delegation and revoke it at any time. A key
property of this mechanism is it does not require any modification to
the deployed TLS ecosystem.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-acme-star-delegation-07.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-delegation-07
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme