[Acme] FW: New Version Notification for draft-friel-acme-subdomains-03.txt

Mon, 12 Oct 2020 01:25:48 -0700 

This new draft addresses the comments that were raised back in August by Russ.

It also explicitly lists in the Open Items section 
https://tools.ietf.org/html/draft-friel-acme-subdomains-03#section-4 the two 
main open items that have been raised by Felipe and Ryan:

1. Does the client need a mechanism to indicate that they want to authz a 
parent domain and not the explicit subdomain identifier? Or a mechanism to 
indicate that they are happy to authz against a choice of identifiers? 

2. Does the server need a mechanism to provide a choice of identifiers to the 
client and let the client chose which to fulfil?

Both would require some JSON definition work. If we can't reach consensus on 
the mailer, we could discuss at IETF 109 Online.

Cheers,
Owen


-----Original Message-----
From: internet-dra...@ietf.org <internet-dra...@ietf.org> 
Sent: 09 October 2020 18:35
To: Richard Barnes <r...@ipv.sx>; Tim Hollebeek <tim.holleb...@digicert.com>; 
Owen Friel (ofriel) <ofr...@cisco.com>; Michael Richardson 
<mcr+i...@sandelman.ca>
Subject: New Version Notification for draft-friel-acme-subdomains-03.txt


A new version of I-D, draft-friel-acme-subdomains-03.txt
has been successfully submitted by Owen Friel and posted to the IETF repository.

Name:           draft-friel-acme-subdomains
Revision:       03
Title:          ACME for Subdomains
Document date:  2020-10-09
Group:          Individual Submission
Pages:          13
URL:            https://www.ietf.org/id/draft-friel-acme-subdomains-03.txt
Status:         https://datatracker.ietf.org/doc/draft-friel-acme-subdomains/
Htmlized:       
https://datatracker.ietf.org/doc/html/draft-friel-acme-subdomains
Htmlized:       https://tools.ietf.org/html/draft-friel-acme-subdomains-03
Diff:           https://www.ietf.org/rfcdiff?url2=draft-friel-acme-subdomains-03

Abstract:
   This document outlines how ACME can be used by a client to obtain a
   certificate for a subdomain identifier from a certification
   authority.  The client has fulfilled a challenge against a parent
   domain but does not need to fulfil a challenge against the explicit
   subdomain as certificate policy allows issuance of the subdomain
   certificate without explicit subdomain ownership proof.

                                                                                
  


Please note that it may take a couple of minutes from the time of submission 
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat


_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme

Reply via email to