The IESG has received a request from the Automated Certificate Management Environment WG (acme) to consider the following document: - 'Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME)' <draft-ietf-acme-star-06.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2019-08-01. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Public-key certificates need to be revoked when they are compromised, that is, when the associated private key is exposed to an unauthorized entity. However the revocation process is often unreliable. An alternative to revocation is issuing a sequence of certificates, each with a short validity period, and terminating this sequence upon compromise. This memo proposes an ACME extension to enable the issuance of short-term and automatically renewed (STAR) X.509 certificates. [RFC Editor: please remove before publication] While the draft is being developed, the editor's version can be found at https://github.com/yaronf/I-D/tree/master/STAR. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-acme-star/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-acme-star/ballot/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
