Skip to main content

Automated Certificate Management Environment (ACME) Challenges Using an Authority Token

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Rich Salz <>, The IESG <>,,,,,,
Subject: Protocol Action: 'ACME Challenges Using an Authority Token' to Proposed Standard (draft-ietf-acme-authority-token-09.txt)

The IESG has approved the following document:
- 'ACME Challenges Using an Authority Token'
  (draft-ietf-acme-authority-token-09.txt) as Proposed Standard

This document is the product of the Automated Certificate Management
Environment Working Group.

The IESG contact persons are Paul Wouters and Roman Danyliw.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   Some proposed extensions to the Automated Certificate Management
   Environment (ACME) rely on proving eligibility for certificates
   through consulting an external authority that issues a token
   according to a particular policy.  This document specifies a generic
   Authority Token challenge for ACME which supports subtype claims for
   different identifiers or namespaces that can be defined separately
   for specific applications.

Working Group Summary

This work was done primarily be members of the STIR WG working in ACME but coordinating with STIR.

This document is a companion to draft-ietf-acme-authority-token.  Both are needed for a complete solution.

Document Quality

There are vendors, in STIR, who intend to implement this as the base document for TNAuthList.


Rich Salz is the shepherd

Roman Danyliw is the AD

RFC Editor Note