Re: [Acme] AD Review: draft-ietf-acme-caa-05

2019-01-15 Thread Eric Rescorla
This works for me. -Ekr On Thu, Jan 3, 2019 at 11:33 AM Salz, Rich wrote: > @ekr, is this okay with you? > > On 12/28/18, 10:30 PM, "Hugo Landau" wrote: > > On Sat, Dec 29, 2018 at 03:23:35AM +, Salz, Rich wrote: > > > > + Validation methods beginning with the prefix

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2019-01-03 Thread Salz, Rich
@ekr, is this okay with you? On 12/28/18, 10:30 PM, "Hugo Landau" wrote: On Sat, Dec 29, 2018 at 03:23:35AM +, Salz, Rich wrote: > > + Validation methods beginning with the prefix "ca-" are reserved for CA-local > + meaning and may not be registered. >

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-28 Thread Hugo Landau
On Sat, Dec 29, 2018 at 03:23:35AM +, Salz, Rich wrote: > > + Validation methods beginning with the prefix "ca-" are reserved for > CA-local > + meaning and may not be registered. > > "need not be" ? Or "SHOULD NOT be" ? My intention was that the rules of the registry state

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-28 Thread Salz, Rich
+ Validation methods beginning with the prefix "ca-" are reserved for CA-local + meaning and may not be registered. "need not be" ? Or "SHOULD NOT be" ? >I think that about does it? Looks good to me. ___ Acme mailing list

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-28 Thread Hugo Landau
> Would like to see proposed wording, but the concept seems fine. How about, changes marked: Validation methods do not have to be compatible with ACME in order to be registered. For example, a CA might wish to register a validation method in order to support its use with the ACME

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-22 Thread Salz, Rich
Would like to see proposed wording, but the concept seems fine. From: Eric Rescorla Date: Saturday, December 22, 2018 at 12:26 PM To: Hugo Landau Cc: "acme@ietf.org" Subject: Re: [Acme] AD Review: draft-ietf-acme-caa-05 This SGTM. ACME editors? -Ekr On Sat, Dec 22, 2018 at 8:

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-22 Thread Eric Rescorla
This SGTM. ACME editors? -Ekr On Sat, Dec 22, 2018 at 8:28 AM Hugo Landau wrote: > > I'm open to alternative methods of preventing conflicts. A prefix could > > > be reserved for CA-specific use, e.g. "nonacme-". > > > > > > > That would be fine. > > Amended to: > > Where a CA supports both

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-22 Thread Hugo Landau
> I'm open to alternative methods of preventing conflicts. A prefix could > > be reserved for CA-specific use, e.g. "nonacme-". > > > > That would be fine. Amended to: Where a CA supports both the "validationmethods" parameter and one or more non-ACME challenge methods, it MUST assign

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-21 Thread Eric Rescorla
On Mon, Dec 3, 2018 at 6:26 PM Hugo Landau wrote: > On Sun, Nov 04, 2018 at 07:18:05PM -0800, Eric Rescorla wrote: > > IMPORTANT > > S 4. > > > Where a CA supports both the "validationmethods" parameter and > one or > > > more non-ACME challenge methods, it MUST assign identifiers to >

Re: [Acme] AD Review: draft-ietf-acme-caa-05

2018-12-03 Thread Hugo Landau
On Sun, Nov 04, 2018 at 07:18:05PM -0800, Eric Rescorla wrote: > IMPORTANT > S 4. > > Where a CA supports both the "validationmethods" parameter and one or > > more non-ACME challenge methods, it MUST assign identifiers to those > > methods. These identifiers MUST be chosen to