Re: [Acme] I-D Action: draft-ietf-acme-star-09.txt
On 17/09/2019, 16:02, "Acme on behalf of internet-dra...@ietf.org" wrote: > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-acme-star/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-acme-star-09 > https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-09 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-09 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ This revision addresses Richard's review. A summary of the changes (cut & paste from the changelog) is as follows: o STAR Order and Directory Meta attributes renamed slightly and grouped under two brand new "auto-renewal" objects; o IANA registration updated accordingly (note that two new registries have been added as a consequence); o Unbounded pre-dating of certificates removed so that STAR certs are never issued with their notBefore in the past; o Changed "recurrent" to "autoRenewal" in error codes; o Changed "recurrent" to "auto-renewal" in reference to Orders; o Added operational considerations for HTTP caches. Cheers! IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
[Acme] I-D Action: draft-ietf-acme-star-09.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment WG of the IETF. Title : Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME) Authors : Yaron Sheffer Diego Lopez Oscar Gonzalez de Dios Antonio Agustin Pastor Perales Thomas Fossati Filename: draft-ietf-acme-star-09.txt Pages : 27 Date: 2019-09-17 Abstract: Public-key certificates need to be revoked when they are compromised, that is, when the associated private key is exposed to an unauthorized entity. However the revocation process is often unreliable. An alternative to revocation is issuing a sequence of certificates, each with a short validity period, and terminating this sequence upon compromise. This memo proposes an ACME extension to enable the issuance of short-term and automatically renewed (STAR) X.509 certificates. [RFC Editor: please remove before publication] While the draft is being developed, the editor's version can be found at https://github.com/yaronf/I-D/tree/master/STAR. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-acme-star/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-acme-star-09 https://datatracker.ietf.org/doc/html/draft-ietf-acme-star-09 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-acme-star-09 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
