Re: [Acme] CAA Account Key Binding Draft Specification

2016-04-21 Thread Phillip Hallam-Baker
It is actually very important because those of us who spend their time looking up patent prior art can't necessarily check the GitHub in 20 years time. In some of the cases I have been involved in, the plaintiff has quite literally read posts on an IETF mailing list and turned them into a patent

Re: [Acme] Proposed changes to make use of JSON in layered fashion.

2016-04-21 Thread Phillip Hallam-Baker
On Wed, Apr 20, 2016 at 6:25 PM, Ron wrote: > > Hi Phillip, > > On Tue, Apr 19, 2016 at 02:51:27PM -0400, Phillip Hallam-Baker wrote: >> In the meeting, I proposed that we make the use of JSON in ACME >> something that can be easily shared across multiple Web Services. >> >> In a

[Acme] draft-ietf-acme-acme-02 authorization

2016-04-21 Thread Benjamin Hof
Hi, Reading the ACME 02 draft, I have a concern regarding the identifier authorization life time. Given a compromised TLS server, the attacker can solve an ACME challenge and be authorized for the hosts's name. This authorization can then be used to obtain valid certificates, even after the

Re: [Acme] Account deletion for security currently useless if rolled over

2016-04-21 Thread Salz, Rich
It’s not stupid ? Understand the terms used (such as PR in this WG:) can be among the hardest parts. > Will make a draft... Great, looking forward to it! -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz ___ Acme

Re: [Acme] Account deletion for security currently useless if rolled over

2016-04-21 Thread sheel.at
Thank you, T. Hardie. R. Salz: Well, sorry for asking something stupid :rolleyes: I know git, and it's clear what's requested. I just didn't made the connection from PR to git, being somewhere where this abbreviation isn't used for "pull request", and having lots of things other in mind. Will

Re: [Acme] Account deletion for security currently useless if rolled over

2016-04-21 Thread Salz, Rich
> What is a PR? :) Assuming the question is serious, take a look at this tutorial: https://yangsu.github.io/pull-request-tutorial/ Alternatively, post a diff to the list with the changes you'd like to see. ___ Acme mailing list Acme@ietf.org

Re: [Acme] Account deletion for security currently useless if rolled over

2016-04-21 Thread sheel.at
What is a PR? :) Am 18.04.2016 18:51, schrieb Richard Barnes: These sound like good recommendations to go in the account deletion section. Would you like to draft a PR? Anyways, it's good to see that I wasn't stupid somehow, and the added ideas are fine too...