While the final draft could certainly register "webauthn-attest-01"
instead, I seriously doubt reclaiming "device-attest-01" for more
generic use is possible at this point. Just as one example, three
major versions of iOS and two major versions of macOS at a minimum
will ship that use the validation method identifier from the current
draft. So ACME server implementations that support Apple devices will
have to assume the payload is WebAuthn for years to come.

The identifier version suffix seems plausibly useful here. Could the
future ACME CMW document register "device-attest-02" instead of
repurposing "device-attest-01"?


On Thu, Jul 25, 2024 at 11:49 AM Thomas Fossati
<thomas.foss...@linaro.org> wrote:
>
> On Thu, 25 Jul 2024 at 17:30, Mike Ounsworth <mike.ounswo...@entrust.com> wrote:
> > Regardless, somebody probably needs to start a draft parallel to Brandon’s
> > that tells how to carry CMW in ACME so that we can start having these
> > discussions
>
> Happy to help with that.
>
> > [...] let’s not slow down Brandon’s draft by trying to add CMW to it
> > because I understand that it has real-world deployments waiting for it.
>
> In violent agreement.

_______________________________________________
Acme mailing list -- acme@ietf.org