Yes, the acme server can decide the certificate-issuing policies (what claims
in the attestation results to look at) on their own.
From: Meiling Chen
Sent: 2024年10月31日 14:09
To: Liuchunchi(Peter) ; acme@ietf.org
Cc: acme-cha...@ietf.org
Subject: Re: RE: [Acme] new acme draft -- rats identifier a
Hi,
Well, then, this problem lies before the certificate issuance action, Only
users who meet the specific conditions can obtain legitimate certificates,
right?
So I would like to ask the experts in certificate, what kind of verification or
filtering judgments are needed in the current issuance
Hi Meiling,
>> Problem: Certificate forgery issue
It’s not exactly about certificate forgery. It’s about issuing certificates to
posture/trustworthiness-checked accessing devices, more like an authorization
challenge. So maybe this answers Q1?
>> The certificate verifier verifies that the holder
Hi Peter,
I have reviewed your draft, this draftis related to RATS, so I noticed it, I am
trying to understand from these aspects:
Problem: Certificate forgery issue
Object: Short term certificate holders and verifier
Logic for problem-solving: The certificate verifier verifies that the holder
ha
Hi carl, thank you very much for the detailed feedback, indeed some
clarification are needed. Please see inline
Peter
From: Carl Wallace
Sent: Wednesday, October 23, 2024 11:32 PM
To: Liuchunchi(Peter) ; acme@ietf.org
Cc: acme-cha...@ietf.org
Subject: Re: [Acme] new acme draft -- rats identifier
I gave the draft a quick skim. I realize it is understood that much work
remains but wanted to point out a few terminology issues and perhaps some gaps
in the specs that might underpin this mechanism.
1) That you have different challenge types to sustain the passport
model and the
Hi Peter!
Thanks for your submission to the ACME working group.
I'll start by admitting I don't really have much background knowledge on
RATS so my comments may be mis-informed.
Feel free to tell me I got it wrong.
I think your draft is a good start - but needs a lot of work.
First, some editori
