Hi Haiguang,
Thanks for your email and the interest in ACME.
Personally I don't think the blockchain has much - if any - place in ACME.
CAs are already pretty decentralised, and you're already perfectly
capable of choosing whatever CA you want for the job (within certain
commercial and policy restrictions).
I fail to see how smart contracts improve ACME. ACME is already a form of
contract between the client and the CA ("I prove Y on X, you give me cert
for X").
Putting this in a smart contract achieves nothing but blockchain for the
sake of blockchain.
Additionally, smart contracts are immutable. This is desirable in certain
situations, however there is past form for having to update ACME to
mitigate a security flaw. This would become near impossible with ACME as a
smart contract.
Thanks,
Q Misell
------------------------------
Any statements contained in this email are personal to the author and are
not necessarily the statements of the company unless specifically stated.
AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace,
Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company
registered in Wales under № 12417574
<https://find-and-update.company-information.service.gov.uk/company/12417574>,
LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876
<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU
VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №:
522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru
maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca
Digital, is a company registered in Estonia under № 16755226. Estonian VAT
№: EE102625532. Glauca Digital and the Glauca logo are registered
trademarks in the UK, under № UK00003718474 and № UK00003718468,
respectively.
On Wed, 8 Nov 2023 at 13:41, Wang Haiguang <wang.haiguang.shieldlab=
[email protected]> wrote:
> Hello, everyone
>
>
> My name is Haiguang Wang from Huawei.
>
>
> I am interested in the networking and security protocols research. I have
> attended IETF meeting since year 2017 and have followed the work in ACME
> group for sometime.
>
>
> Last year we have come across a research paper "A Blockchain-based Method
> for Decentralizing the ACME Protocol to Enhance Trust in PKI". Following
> is the information of the paper:
>
> E. F. Kfoury, D. Khoury, A. AlSabeh, J. Gomez, J. Crichigno and E.
> Bou-Harb, "A Blockchain-based Method for Decentralizing the ACME Protocol
> to Enhance Trust in PKI," *2020 43rd International Conference on
> Telecommunications and Signal Processing (TSP)*, Milan, Italy, 2020, pp.
> 461-465, doi: 10.1109/TSP49548.2020.9163555.
>
>
> We have studied the scheme for sometime but not sure whether it is a good
> direction for ACME or not. The scheme implements the ACME in smart
> contract and make the whole procedure of certificate more transparent, not
> only in CT log, but also in the certificate issuing and management.
>
>
> We would like to hear comments from the experts in this group.
>
>
> Best regards.
>
>
> Haiguang Wang
>
> Huawei International Pte. Ltd.
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
>
_______________________________________________
Acme mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/acme
