Hi, Misell
Thanks very much for the comments. I do agree with you that it is difficult to change the smart contract once it is deployed. However, there might be some methods to mitigate the impact. The operation of existing CAs are not very transparency. Auditing from authorized institutions are required from time to time. With smart contract, we can audit the operation of CA through code of smart contract instead of audit the CA from time to time. Anyone can audit the operation of CA as well as he or she want. BR Haiguang ________________________________ From: Q Misell <[email protected]> Sent: Wednesday, 8 November 2023 10:14:43 PM To: Wang Haiguang Cc: [email protected] Subject: Re: [Acme] Decentralized the ACME Hi Haiguang, Thanks for your email and the interest in ACME. Personally I don't think the blockchain has much - if any - place in ACME. CAs are already pretty decentralised, and you're already perfectly capable of choosing whatever CA you want for the job (within certain commercial and policy restrictions). I fail to see how smart contracts improve ACME. ACME is already a form of contract between the client and the CA ("I prove Y on X, you give me cert for X"). Putting this in a smart contract achieves nothing but blockchain for the sake of blockchain. Additionally, smart contracts are immutable. This is desirable in certain situations, however there is past form for having to update ACME to mitigate a security flaw. This would become near impossible with ACME as a smart contract. Thanks, Q Misell ________________________________ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574<https://find-and-update.company-information.service.gov.uk/company/12417574>, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. On Wed, 8 Nov 2023 at 13:41, Wang Haiguang <[email protected]<mailto:[email protected]>> wrote: Hello, everyone My name is Haiguang Wang from Huawei. I am interested in the networking and security protocols research. I have attended IETF meeting since year 2017 and have followed the work in ACME group for sometime. Last year we have come across a research paper "A Blockchain-based Method for Decentralizing the ACME Protocol to Enhance Trust in PKI". Following is the information of the paper: E. F. Kfoury, D. Khoury, A. AlSabeh, J. Gomez, J. Crichigno and E. Bou-Harb, "A Blockchain-based Method for Decentralizing the ACME Protocol to Enhance Trust in PKI," 2020 43rd International Conference on Telecommunications and Signal Processing (TSP), Milan, Italy, 2020, pp. 461-465, doi: 10.1109/TSP49548.2020.9163555. We have studied the scheme for sometime but not sure whether it is a good direction for ACME or not. The scheme implements the ACME in smart contract and make the whole procedure of certificate more transparent, not only in CT log, but also in the certificate issuing and management. We would like to hear comments from the experts in this group. Best regards. Haiguang Wang Huawei International Pte. Ltd. _______________________________________________ Acme mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
