From ae072c3fd3ab8e4c77bf86619e0c2c9f55f8a802 Mon Sep 17 00:00:00 2001 From: daknob <743648+daknob@users.noreply.github.com> Date: Mon, 19 Aug 2024 22:02:20 +0000 Subject: [PATCH] =?UTF-8?q?Deploying=20to=20gh-pages=20from=20@=20aaomidi/?= =?UTF-8?q?draft-ietf-acme-scoped-dns-challenges@cdd6fb783e7052d3a6a7186a1?= =?UTF-8?q?4fa3203c7342f2b=20=F0=9F=9A=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- draft.xml | 61 +++++++++++++++++++++++++----------------------------- index.html | 16 +++++++------- 2 files changed, 37 insertions(+), 40 deletions(-) diff --git a/draft.xml b/draft.xml index 6911cca..06a5033 100644 --- a/draft.xml +++ b/draft.xml @@ -1,6 +1,6 @@ - + - + Security Automated Certificate Management Environment @@ -303,7 +303,7 @@ Content-Type: application/jose+json
Implementation Considerations -As this challenge creates strong dependency on the kid account identifier, the server SHOULD ensure that the account identifier is not changed during the lifetime of the account. +As this challenge creates strong dependency on the kid account identifier, the server SHOULD ensure that the account identifier is not changed during the lifetime of the account. This contains the entire URI, including the ACME endpoint domain name, port, and full HTTP path.
@@ -350,6 +350,8 @@ Reference: This document + + @@ -378,7 +380,6 @@ Reference: This document - Key words for use in RFCs to Indicate Requirement Levels @@ -392,7 +393,6 @@ Reference: This document - Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words @@ -406,7 +406,6 @@ Reference: This document - Randomness Requirements for Security @@ -423,7 +422,6 @@ Reference: This document - US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF) @@ -437,7 +435,6 @@ Reference: This document - The Base16, Base32, and Base64 Data Encodings @@ -450,7 +447,6 @@ Reference: This document - DNS Certification Authority Authorization (CAA) Resource Record @@ -466,7 +462,6 @@ Reference: This document - Domain names - implementation and specification @@ -483,7 +478,6 @@ Reference: This document - @@ -506,14 +500,14 @@ Reference: This document Akamai Technologies - + Many application services on the Internet need to verify ownership or control of a domain in the Domain Name System (DNS). The general term for this process is "Domain Control Validation", and can be done using a variety of methods such as email, HTTP/HTTPS, or the DNS itself. This document focuses only on DNS-based methods, which - typically involve the application service provider requesting a DNS + typically involve the Application Service Provider requesting a DNS record with a specific format and content to be visible in the requester's domain. There is wide variation in the details of these methods today. This document proposes some best practices to avoid @@ -522,10 +516,9 @@ Reference: This document - + - Automated Certificate Management Environment (ACME) for Subdomains @@ -544,9 +537,10 @@ Reference: This document - + + @@ -651,23 +645,24 @@ hsX/xYbFWoOiU4Jm/T0lNTI+Xm2e2rvuANtf0+fIb6NIL6f7y/jwMJutZO9z M6X5uJ3zEV7HjS3I5UaygRF8UpZP0X1CdeXcEMoEWVF5sqQnjt2Z87JzwKd0 U1CKLLqIt3z8ynfuRabNyvvEva3CzsggaEv7nEpCKMfWHNDjyKwbVnlaPUvp gGh5JLak6gZx7qYUStWBagCkE6OMTZ7WQv3mLFIaOaE9MhgU+qbBoZpKPvFa -9ITtZO6NFd9sbTB0tX6CsGaX286H6jz79NOh79//ieOhzshNniQ65fOO5RcT -fKookoFiiROKF20Cwte32frHC/b0M1cbG4GqPFLb379xqiADNIWg/IagOANa -lQ5BhMx4GHZsBCCz/fjZoM/nz+y5LsBsuc320QM32hQOgfVn9MVOWSm6oF4c -QgVH1ItDOGRu7Tk7G/PLI50q3pJDGj60Zb9FK9LTxIPc/ZxeG2ytNEjwZAfk -e/QkT8hTRqOSmfuHD7nc2nrIUtvjdK6x5kUhnVquZRkiJQssUmPah43bfhpC -Vo8trcKCFchD0Uz0FkbvPvZgLzRbjwjawrrpX5TcbBxWpQPf3VAtwbGtwjsN -in7PUkDIQsqk8Mo6Z/bAn7VKsuTy8HmJT7XTlMVEy5HrOVVKWm9Vp9JCgz2J -but9P10lmZ6lXjKn3oJn5mwkYqap/8lNKqMiMmyLYu6Uu2PappSg2LhTijAr -OivtFzSB0AgVekRmqd7ReXyXud15hJCoEwCwOUcX6gGXR60JuosGy+bp7q0e -ceQKeA6kttM06LtG0x3xTl9I8FlD8JClXiD1dDqshWiSinGHEw3cNQPWcleK -ZJB5K0ENBXJuzyUyYMh+l2GNgZzWUTbo36tRtt+7xw2Qjv1AoFrVtTIBZFN7 -Fj/jsFacK4fwfBi6ayfQtxJ04LT4iqJuscbW8bf0bQ/DsprNM0sgfyqGjPA7 -2yRzjWuyAtcX74mRTVRQggFDsnnEUd+UJpLHijJzVi1/KuosUMVIot3O5C1T -bpI41IMjyCIbLKzfVtKpiiJ3XrxwD2UMv3ZFbB1djDYCECCCma1FkOcSXhZY -Xbe3P0RmRp+zgOaVM2ToNU+Cogqv5yNVvUGvIBR/bEj1FxvxUNgY0KpCbNd+ -Y4z7Ldp8KK5bryQfW/blUDQ+4mjVF6miy59cjItC/phvgsKfJDYq639+GdF6 -P7Rnl2Xwz/bUC41sf2j9D6o5UTZXPgAA +9ITt5OJgWT3Pp9Wwz+tXZ/VeSpmagINEU/LT0HaiU3fulz6VEU+url4AC7I5 +N9+Kj8I2JHa1fkSxZvjbDqDqPPv046fv3/+J86fOi0yeEEd8prH4JIOPLUUy +UKxSChNFH4IA/G22/nWEPV7N5cxGJCzP7Pb3b5yuycJNISi/IShOsValxxEh +Mx6GHRsRzmw/3zbo8wE3e3AMOF5us330wI02hcdh/Rl9ElSWoi5rKE65giMy +JMRb5tYe5LNJRXlmVMVbklTDp8Lsx25F/pt4kLuf03uJraUMCZ7sgJybnuQJ +ueJoVDJz//Ah13NbT3Fqe17Pde68KKRj0bU0RqRkgUXuTfuw99hvT8itsKVV +WLACeajKid7Cq9zXJOzmZusZRFu5Nx2YsqeN07B0orwbqiU4tmV+p0HR71kK +CFlImRQeW+fMnii0VkmWXJ5uLwGwdlyzmGg5ck2tSknrvfBUWuyxR91tQ8FP +V0mmZ6mXzKl54Zk5G4mYaWqwchfMqIgM28KkO0bvmLY5Kyg27hgkzIoOY/sF +TSA0UrGKyCzVOzrw71LDO48gGIUIEDzn8EVN5vIsN8WGooOzeXx8q0ccuQ4B +R2rbyhr0XSfrjninTzD4MCN4yFIvkHo6HdZyAJKKcacfDdw1A4py24tkkHkr +QR0Lcm7PZUpgyH74YY2BnNZRNujfq1G237vHHZaO/QKhWtX1SgFkU3vYP+O4 +WRxch/B8GLrrV9DHGHSitfhMo26xxqL6LX08xLCsZvPMEsjfoiHl/M524Vxn +nKzANd57YmRDCmo8YEg2jzitMKWJ5LGi1J9Vy9+iOgtUMbJ0tzN5y5S7MA71 +4AiySDcL67eleqqiyB1IL9xDGcPvdRG8RxejjQAEiGBmaxHkuYSXBVbX7e0P +kfrR9zKgeeUMGXrNk6Ao8+sJT1XQ0DsOxV8zUoHHRjwUNga0qhjetR8x436L +Nh+K69YryeeifTkUja9EWvVFqujyJxfjqpO/Fpx4/oIkNiobDPy2o/V+aA9H +y+Cf7akXGtn+0Pof1mS9crg+AAA= --> diff --git a/index.html b/index.html index 025ac80..a388625 100644 --- a/index.html +++ b/index.html @@ -1176,11 +1176,11 @@ Internet-Draft ACME-SCOPED-DNS-CHALLENGES -March 2024 +August 2024 Chariton, et al. -Expires 20 September 2024 +Expires 20 February 2025 [Page] @@ -1193,12 +1193,12 @@
draft-ietf-acme-scoped-dns-challenges-00
Published:
- +
Intended Status:
Standards Track
Expires:
-
+
Authors:
@@ -1264,7 +1264,7 @@

time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

- This Internet-Draft will expire on 20 September 2024.

+ This Internet-Draft will expire on 20 February 2025.

@@ -1689,6 +1689,7 @@

+

7. References @@ -1746,7 +1747,7 @@

[I-D.draft-ietf-dnsop-domain-verification-techniques]
-Sahib, S. K., Huque, S., Wouters, P., and E. Nygren, "Domain Control Validation using DNS", Work in Progress, Internet-Draft, draft-ietf-dnsop-domain-verification-techniques-04, , <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-domain-verification-techniques-04>.
+Sahib, S. K., Huque, S., Wouters, P., and E. Nygren, "Domain Control Validation using DNS", Work in Progress, Internet-Draft, draft-ietf-dnsop-domain-verification-techniques-05, , <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-domain-verification-techniques-05>.

[RFC9444]
@@ -1756,6 +1757,7 @@

+