Hello Anders, The draft extends ACME to add client challenge methods that might be helpful. This could be for several use cases including code signing automation or client certificate management. Does the draft contain what you need? The use case from your message is not clear to me.
Thank you, Kathleen On Wed, Oct 13, 2021 at 8:42 AM Anders Rundgren < [email protected]> wrote: > After some research I found > https://datatracker.ietf.org/doc/draft-ietf-acme-client/ which almost > fills the bill. What would the preferred procedure be, including challenge? > > Attestations like offered by FIDO is not a part of ACME, right? > > thanx, > Anders > > On 2021-10-11 9:03, Anders Rundgren wrote: > > Dear ACME experts, > > > > I haven't kept track of ACME so please pardon my somewhat naive question: > > > > In Open Banking, service providers (TPPs) are equipped with TLS client > certificates as well as signature certificates. Currently the certificates > (including associated private keys), are distributed by the CA as encrypted > files. This makes updates fairly difficult and not entirely compatible > with the highly regulated nature of these providers. > > > > Question: does ACME support this scenario? > > > > thanx, > > Anders > > > > -- Best regards, Kathleen
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
