Re: [Acme] [Non-DoD Source] Re: Publication has been requested for draft-ietf-acme-integrations-10
No idea how that happened. But it has been changed to Informational (which is what I understood the proposal was). Either magic, or someone did this (not me, LOL). Deb Cooley deco...@radium.ncsc.mil 410-854-3961 Pronouns: she/her -Original Message- From: Michael Richardson Sent: Saturday, October 01, 2022 6:32 AM To: Deb Cooley via Datatracker Cc: r...@cert.org; acme-cha...@ietf.org; acme@ietf.org; Cooley, Dorothy E ; iesg-secret...@ietf.org Subject: [Non-DoD Source] Re: [Acme] Publication has been requested for draft-ietf-acme-integrations-10 Deb Cooley via Datatracker wrote: > Deb Cooley has requested publication of draft-ietf-acme-integrations-10 > as None on behalf of the ACME working group. Probably, you didn't tell the Datatracker what the intended status was, which I think is Proposed Standard. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- smime.p7s Description: S/MIME cryptographic signature ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] 2nd working group call for adoption
This is the second working group call for adoption of: draft-friel-acme-subdomains-05. We have had presentations of this work at the most recent interim (clarifications presented) and at many of the past IETF meetings. Please review the draft and post your comments to the list by Thursday, 28 October 2021. Thanks, Deb and Yoav ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] comments on draft-ietf-acme-client-03.txt
Kathleen, Thank you for updating the client draft. This is a rough and quick review, just to get things started: 1. Section 3, para 1: Storage of certificates is trivial (they are public), storage of private keys is more important. Is this too pedantic? (note: this confusion of certificates and private keys continues through the draft, not just in this paragraph) 2. Section 3, []: Isn't this why we need identity credential (i.e. the key and certificate)? An authentication challenge doesn't 'test the identity of the user', but using the identity credential is supposed to chain back to the fact that the identity of the user was validated. 3. Section 4: I will freely admit that code signing certificates makes me extremely twitchy (my own biases at play). Of all the things that could be automated, I would choose this one last. I haven't had a chance to look at the current state of CA/Browser Forum requirements for code signing certificates, OV (organizational validation), or EV wrt code signing. My personal opinion is that we should tread carefully here. I would be curious to see what use case needs this. And who would consider implementing. I'm going to pass on comments this time around. 4. Section 5: SMS is only mentioned once in RFC 8555 as a notification method - for a user to go back and collect the completed certificate. I don't see where it is listed as an allowed pre-authorization challenge method. (Note: collection of an issued certificate is not the same as holding the complete credential (private key and certificate)) typos, etc. 1. Section 3, para 1: KMIP, spell this out somewhere. I think you only use this once... Deb Cooley deco...@nsa.gov Pronouns: she/her smime.p7s Description: S/MIME cryptographic signature ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
Re: [Acme] acme interim
Possible agenda items might include: Aaron Gable's work (see his message to the list sent on 20 Aug) Updates on current work items New work proposals This is an attempt to re-energize the group. If there is interest in work, then it needs to be proposed or discussed. Deb Cooley deco...@nsa.gov -Original Message- From: Cooley, Dorothy E Sent: Tuesday, August 31, 2021 3:33 PM To: 'acme@ietf.org' Subject: acme interim Attached is a doodle poll to choose an acme interim date (29 Sep-1 Oct). Please vote for all the days/times you can support. We'd like to have this sorted by 10 Sep, if possible. https://doodle.com/poll/wbp3qkumfua6b2b5?utm_source=poll_medium=link In addition, if you have topics/presentations you would like to add to the interim agenda, then please let the chairs know. Thanks, Deb and Yoav ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] acme interim
Attached is a doodle poll to choose an acme interim date (29 Sep-1 Oct). Please vote for all the days/times you can support. We'd like to have this sorted by 10 Sep, if possible. https://doodle.com/poll/wbp3qkumfua6b2b5?utm_source=poll_medium=link In addition, if you have topics/presentations you would like to add to the interim agenda, then please let the chairs know. Thanks, Deb and Yoav ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] working group call for adoption
This is a working group call for adoption of: draft-friel-acme-subdomains-05. We have had presentations of this work at the past couple of IETF meetings (back to when we still met in person - sigh). Please review the draft and post your comments to the list by Wednesday, 15 September 2021. Thanks, Deb and Yoav smime.p7s Description: S/MIME cryptographic signature ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] FW: [Non-DoD Source] FW: NomCom 2021-2022 Call for Nominations
Please nominate people that you think will help move the IETF forward. Deb Cooley deco...@nsa.gov 410-854-3961 Pronouns: she/her -Original Message- From: ietf On Behalf Of NomCom Chair 2021 Sent: Monday, August 30, 2021 10:04 To: IETF Announcement List Cc: i...@ietf.org Subject: NomCom 2021-2022 Call for Nominations Finally! The moment we've all been waiting for: C A L L F O R N O M I N A T I O N S ! ! ! The 2021-22 IETF Nominating Committee (NomCom) is seeking nominations from now until Monday, October 11, 2021. The open positions and more information are found at the NomCom web site: https://datatracker.ietf.org/nomcom/2021/ They are also included below for convenience. Nominations may be made by selecting the Nominate link at the top of the NomCom 2021 home page, or by visiting the following URL: https://datatracker.ietf.org/nomcom/2021/nominate/ Self-nomination is welcome! Note: Nominations made using the web tool require an ietf.org datatracker account. You can create a datatracker ietf.org account if you don't have one already by visiting the following URL: https://datatracker.ietf.org/accounts/create/ If you are unable to use the web form, nominations may instead be made by email to nomcom-2021 at ietf dot org. If using email, please include the word "Nominate" in the Subject and indicate in the email who is being nominated, their email address (to confirm acceptance of the nomination), and the position for which you are making the nomination. If you are nominating someone other than yourself, please tell us if we may tell the nominee that you were the one who made the nomination. If you wish to nominate someone via email for more than one position, please use separate emails to do so. Willing nominees will be asked to fill out a questionnaire specific to the position for which they are nominated. The finalized questionnaires will be available no later than Monday, September 6, 2021 (preliminary versions are already posted) and have a submission deadline of Monday, October 18, 2021. NomCom 2021-22 will follow the policy for "Open Disclosure of Willing Nominees" described in BCP 10/RFC 8713: "The list of nominees willing to be considered for positions under review in the current NomCom cycle is not confidential". Willing nominees for each position will be listed in a publicly accessible way, e.g., anyone with a datatracker account may access the lists. Additionally, the nomination form asks if we may share your own name with the nominee. In all other ways, the confidentiality requirements of BCP 10 remain in effect. All feedback and all NomCom deliberations will remain confidential and will not be disclosed. There is a field on the form you can mark in order to allow the NomCom to tell the nominee that you were the one who made the nomination. This defaults to “no” - so if you don't mark the field we won’t tell. In order to ensure time to collect sufficient community feedback about each of the willing nominees, nominations must be received by the NomCom on or before Monday, October 11, 2021. Please submit your nominations as early as possible for the sake of your nominees. Note that nominations should not wait for nominee management permission, as it is easier to decline the nomination than put one in late. The NomCom appoints individuals to fill open slots on the IAB, IESG, the IETF Trust and the LLC Board: ART AD: 1 position INT AD: 1 position OPS AD: 1 position RTG AD: 1 position SEC AD: 1 position TSV AD: 1 position IETF Trust: 1 position IETF LLC: 1 position IAB: 6 positions The list of people and posts whose terms end with the March 2022 IETF meeting, and thus the positions for which this NomCom is responsible, is: [An asterisk (*) next to a person's name indicates they do not intend to accept renomination.] LLC Board (3-year term) Jason Livingood IETF Trust (3-year term) Kathleen Moriarty IAB (2-year term) Ben Campbell * Cullen Jennings Mirja Kühlewind Jared Mauch Tommy Pauly Jiankang Yao IESG (2-year term) Murray Kucherawy, ART AD Erik Kline, INT AD Robert Wilton, OPS AD Martin Vigoureux, RTG AD Benjamin Kaduk, SEC AD * Martin Duke, TSV AD Please be resourceful in identifying possible candidates for these positions, as developing our talent is a very crucial requirement for the IETF, and also, please consider accepting a nomination. You'll find extensive information about specific positions, in individual tabs at: https://datatracker.ietf.org/nomcom/2021/requirements/ In addition to nominations, the NomCom seeks community