Hi all,

This latest version of the ARI draft contains four material changes, based
on feedback received in the lead-up to IETF 117:

- The "Current Implementations" section is now up-to-date and lists
multiple server and client implementations.

- The "IANA Considerations" section has been updated to match the required
format (to the best of my current understanding).

- The format of the request URL has been simplified from the OCSP CertID
structure to a concatenation of the AKID and Serial. See discussion and
context at
https://mailarchive.ietf.org/arch/msg/acme/AeJ3zJKcBF-ZUhQXJajC0bb7orI/,
https://community.letsencrypt.org/t/thoughts-from-starting-to-play-with-ari/200276,
and https://github.com/aarongable/draft-acme-ari/issues/43.

- The POST renewalInfo method has been replaced by a new optional field on
New Order requests. See discussion and context at
https://mailarchive.ietf.org/arch/msg/acme/AeJ3zJKcBF-ZUhQXJajC0bb7orI/,
https://community.letsencrypt.org/t/thoughts-from-starting-to-play-with-ari/200276,
https://github.com/aarongable/draft-acme-ari/issues/50, and
https://github.com/aarongable/draft-acme-ari/issues/25.

These do represent backwards-incompatible changes that existing
implementations will have to adopt, but I believe it is better to make such
a change now than realize we specified it poorly later down the line :)

Thanks,
Aaron

On Thu, Aug 10, 2023 at 1:33 PM <[email protected]> wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This Internet-Draft is a work item of the Automated
> Certificate
> Management Environment (ACME) WG of the IETF.
>
>    Title           : Automated Certificate Management Environment (ACME)
> Renewal Information (ARI) Extension
>    Author          : None
>    Filename        : draft-ietf-acme-ari-02.txt
>    Pages           : 11
>    Date            : 2023-08-10
>
> Abstract:
>    This document specifies how an ACME server may provide suggestions to
>    ACME clients as to when they should attempt to renew their
>    certificates.  This allows servers to mitigate load spikes, and
>    ensures clients do not make false assumptions about appropriate
>    certificate renewal periods.
>
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-acme-ari/
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-acme-ari-02.html
>
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-acme-ari-02
>
> Internet-Drafts are also available by rsync at rsync.ietf.org:
> :internet-drafts
>
>
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
>
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme

Reply via email to