Hi Peter, I have reviewed your draft, this draftis related to RATS, so I noticed it, I am trying to understand from these aspects: Problem: Certificate forgery issue Object: Short term certificate holders and verifier Logic for problem-solving: The certificate verifier verifies that the holder has the authority to use the certificate Solution: Reuse the remote proof process of RATS, Generate a attestation result for the certificate owner, and the certificate verifier can confirm the legitimacy of the certificate through the attestation result, Of course, this also involves the issue of mapping or reference. I also have the following questions: Does ACME pay attention to the issue of forged certificates? Does the current coding implementation of ACME have a process for determining the authenticity of certificates? Best, Meiling From: Liuchunchi(Peter) Date: 2024-10-23 15:22 To: acme@ietf.org CC: acme-cha...@ietf.org Subject: [Acme] new acme draft -- rats identifier and challenge Hi folks, Recently I submitted a new ACME draft that extends “rats” identifier and challenge type. The purpose of this work is to provide a means that allows an ACME server to test if an ACME client possess a valid remote attestation result (and an identifier to that), before issuing a certificate to it. Wonder if anyone may find this work interesting? The draft is here https://datatracker.ietf.org/doc/draft-liu-acme-rats/ and github repo is here https://github.com/liuchunchi/draft-liu-acme-rats, with some todos that welcomes contribution or comments. Dear chairs, can I request a small slot in Dublin to share this work? 15 or 10 minutes would suffice. Best, Peter (Chunchi) Liu
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
