> Between these two options, I would be more attracted to the latter. It's
> always been a bit of a sore point that the request URI was not covered by the
> client's signature, but to avoid the complexity of URL comparison, we did the
> "resource" thing instead. But maybe it makes sense to
On Thu, Mar 24, 2016 at 11:07:08AM -0400, Richard Barnes wrote:
> On Thu, Mar 24, 2016 at 5:42 AM, Ron wrote:
> > On Thu, Mar 24, 2016 at 04:45:06PM +1100, Martin Thomson wrote:
> >
> > > Most operating systems understand how to invoke local software in
> > > response to that and
Keeping this whole message intact for now, feel free to trim it if we
split this into threads on the individual parts.
On Thu, Mar 24, 2016 at 11:33:18AM -0400, Richard Barnes wrote:
> On Wed, Mar 23, 2016 at 6:33 PM, Karthik Bhargavan <
> karthikeyan.bharga...@inria.fr> wrote:
>
> > Dear
Hey Karthik,
Thanks so much for this analysis. Couple of comments inline.
On Wed, Mar 23, 2016 at 6:33 PM, Karthik Bhargavan <
karthikeyan.bharga...@inria.fr> wrote:
> Dear All,
>
> Recently, after being asked by Josh Aas, I wrote a formal model of the
> ACME protocol
> in ProVerif and
On Thu, Mar 24, 2016 at 5:42 AM, Ron wrote:
> On Thu, Mar 24, 2016 at 04:45:06PM +1100, Martin Thomson wrote:
> > On 24 March 2016 at 09:33, Karthik Bhargavan
> > wrote:
> > > Emails with clickable links are *BAD*; we should enhance their
>
On 24 March 2016 at 09:33, Karthik Bhargavan
wrote:
> Emails with clickable links are *BAD*; we should enhance their security by
> linking them better with
> the ACME account key.
FWIW, I think that a clickable link could be possible, it just
wouldn't be able to
Hi Ted,
Unfortunately, we wont be in Buenos Aires. But I plan to communicate the
details to Richard, who may decide to present some of it.
Best,
Karthik
> On 23 Mar 2016, at 23:54, Ted Hardie wrote:
>
> Hi Karthik,
>
> Thanks for your message. Will you or your
Hi Karthik,
Thanks for your message. Will you or your co-authors be in Buenos Aires
for the IETF? Would you like to present this work to the working group
there, if so?
thanks,
Ted
On Wed, Mar 23, 2016 at 3:33 PM, Karthik Bhargavan <
karthikeyan.bharga...@inria.fr> wrote:
> Dear All,
>
>
Dear All,
Recently, after being asked by Josh Aas, I wrote a formal model of the ACME
protocol
in ProVerif and analyzed it for various properties. I am still in the process
of cleaning
up the model and writing up a proper report, but with the next IETF being so
close,
here’re some early