A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Automated Certificate Management Environment Working Group of the IETF.
Title : Automatic Certificate Management Environment (ACME)
Authors : Richard Barnes
Jacob Hoffman-Andrews
James Kasten
Filename : draft-ietf-acme-acme-00.txt
Pages : 57
Date : 2015-09-28
Abstract:
Certificates in the Web's X.509 PKI (PKIX) are used for a number of
purposes, the most significant of which is the authentication of
domain names. Thus, certificate authorities in the Web PKI are
trusted to verify that an applicant for a certificate legitimately
represents the domain name(s) in the certificate. Today, this
verification is done through a collection of ad hoc mechanisms. This
document describes a protocol that a certificate authority (CA) and
an applicant can use to automate the process of verification and
certificate issuance. The protocol also provides facilities for
other certificate management functions, such as certificate
revocation.
DANGER: Do not implement this specification. It has a known
signature reuse vulnerability. For details, see the following
discussion:
https://mailarchive.ietf.org/arch/msg/acme/F71iz6qq1o_QPVhJCV4dqWf-
4Yc
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-acme-acme/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-acme-acme-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
