On Wed, Aug 12, 2015 at 10:30 PM, Eric Mill e...@konklone.com wrote:
That seems like a great way to simplify the protocol. On the other
hand, Jacob's /.well-known/certificate/acme-account-keys.json idea is
also quite nice.
This is only tangentially on-topic, but since the idea's been
Howdy,
At the meeting in Prague, the room felt that adopting draft-barnes-acme as
a working group draft was appropriate (this is also in the charter).
Richard is touching up the editing buffer for that now, but if you have a
contrary opinion, now would be the time to let us know.
thanks,
Ted
On Wed, Aug 12, 2015 at 11:44 AM, Ted Hardie ted.i...@gmail.com wrote:
So, this is a common misconception. Adopting a draft doesn't mean you
think it is done or even that it has no known issues; it's a statement by
the working group that this is a starting point. Think of it like picking
I think the duplicate-signature key selection attack Andrew Ayer discovered
here really needs to be addressed (unless it already was):
https://mailarchive.ietf.org/arch/msg/acme/F71iz6qq1o_QPVhJCV4dqWf-4Yc
On Wed, Aug 12, 2015 at 10:46 AM, Ted Hardie ted.i...@gmail.com wrote:
Howdy,
At the
On Wed 2015-08-12 14:18:54 -0400, Tony Arcieri wrote:
On Wed, Aug 12, 2015 at 11:03 AM, Martin Thomson martin.thom...@gmail.com
wrote:
I don't see that as reason enough to block adoption.
It represents a conceptual misuse of digital signatures, and seems to me
like a very fundamental
On Wed, Aug 12, 2015 at 11:03 AM, Martin Thomson martin.thom...@gmail.com
wrote:
I don't see that as reason enough to block adoption.
It represents a conceptual misuse of digital signatures, and seems to me
like a very fundamental design flaw which is easily addressed. I'm confused
why you
On 12 August 2015 at 11:18, Tony Arcieri basc...@gmail.com wrote:
It represents a conceptual misuse of digital signatures, and seems to me
like a very fundamental design flaw which is easily addressed. I'm confused
why you don't want to address it before adopting the draft.
If we set a