The IESG has received a request from the Automated Certificate Management Environment WG (acme) to consider the following document: - 'An ACME Profile for Generating Delegated STAR Certificates' <draft-ietf-acme-star-delegation-06.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2021-03-22. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo proposes a profile of the ACME protocol that allows the owner of an identifier (e.g., a domain name) to delegate to a third party access to a certificate associated with said identifier. A primary use case is that of a CDN (the third party) terminating TLS sessions on behalf of a content provider (the owner of a domain name). The presented mechanism allows the owner of the identifier to retain control over the delegation and revoke it at any time by cancelling the associated STAR certificate renewal with the ACME CA. Another key property of this mechanism is it does not require any modification to the deployed TLS ecosystem. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-acme-star-delegation/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
