Re: [Acme] I-D Action: draft-ietf-acme-star-00.txt

2017-06-19 Thread Salz, Rich
As chair: Thanks for the detailed review. As an individual: I agree we need a new term other than CDN. All the good words are taken, but perhaps Agent works? > draft-iab-web-pki-problems has been abandoned. I didn't notice that. Rats. -- Senior Architect, Akamai Technologies Member,

Re: [Acme] I-D Action: draft-ietf-acme-star-00.txt

2017-06-19 Thread Martin Thomson
One further thought. ACME uses an absolute time for expiration. This uses a relative time. I think that I prefer the former. I realize that consistency might be impossible in this case, since the recurrent duration is necessarily relative, but I thought it worth raising. On 19 Jun. 2017 10:08 am,

Re: [Acme] Rolling keys and pending validations

2017-06-19 Thread Ilari Liusvaara
On Mon, Jun 19, 2017 at 02:34:45PM -0400, Richard Barnes wrote: > This seems sensible; rolling keys shouldn't invalidate things in transit > any more than changing your Gmail password should delete your drafts folder. > > I would have a little bit of a hard time calling this "purely editorial", >

Re: [Acme] Rolling keys and pending validations

2017-06-19 Thread Richard Barnes
This seems sensible; rolling keys shouldn't invalidate things in transit any more than changing your Gmail password should delete your drafts folder. I would have a little bit of a hard time calling this "purely editorial", since it specifies server behavior. But it seems like you're just

Re: [Acme] Before entering WGLC ...

2017-06-19 Thread Salz, Rich
How about this: A CA MAY proceed with issuance if a CAA record is present whose value matches the account-uri parameter of the account making the request. If no CAA records have such a match, then the CA MUST NOT proceed with issuance.

Re: [Acme] Before entering WGLC ...

2017-06-19 Thread Hugo Landau
> Like Russ, I find the statement very difficult to read. Would > inverting it be better? > > > A CA MUST NOT issue authorize issuance if a CAA record is present unless > > the "account-uri" parameter identifies the account making a certificate > > issuance request. See previous reply.

[Acme] I-D Action: draft-ietf-acme-email-smime-00.txt

2017-06-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment of the IETF. Title : Extensions to Automatic Certificate Management Environment for end user S/MIME certificates

[Acme] I-D Action: draft-ietf-acme-email-tls-00.txt

2017-06-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Automated Certificate Management Environment of the IETF. Title : Extensions to Automatic Certificate Management Environment for email TLS Author