Skip to main content

Automated Certificate Management Environment (ACME) Extension for Single Sign On Challenges
draft-biggs-acme-sso-01

Document Type Expired Internet-Draft (individual)
Authors Andrew Biggs , Richard Barnes , Moynihan
Last updated 2021-10-10 (Latest revision 2021-04-08)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text html xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-biggs-acme-sso-01.txt

Abstract

This document specifies an extension to the ACME protocol [RFC8555] to enable ACME servers to validate a client's control of an email identifier using single sign-on (SSO) technologies. An extension to the CAA [RFC8659] resource record specification is also defined to provide domain owners a means to declare a set of SSO providers that ACME servers may rely upon when employing SSO for identifier validation on their domain.

Authors

Andrew Biggs
Richard Barnes
Moynihan

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)