Support for Short-Term, Automatically-Renewed (STAR) Certificates in Automated Certificate Management Environment (ACME)
draft-ietf-acme-star-03

Document Type Expired Internet-Draft (acme WG)
Last updated 2018-09-04 (latest revision 2018-03-03)
Replaces draft-sheffer-acme-star
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state In WG Last Call
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-acme-star-03.txt

Abstract

Public-key certificates need to be revoked when they are compromised, that is, when the associated private key is exposed to an attacker. However the revocation process is often unreliable. An alternative to revocation is issuing a sequence of certificates, each with a short validity period, and terminating this sequence upon compromise. This memo proposes an ACME extension to enable the issuance of short- term and automatically renewed (STAR) certificates. [RFC Editor: please remove before publication] While the draft is being developed, the editor's version can be found at https://github.com/yaronf/I-D/tree/master/STAR.

Authors

Yaron Sheffer (yaronf.ietf@gmail.com)
Diego Lopez (diego.r.lopez@telefonica.com)
Oscar de Dios (oscar.gonzalezdedios@telefonica.com)
Antonio Pastor (antonio.pastorperales@telefonica.com)
Thomas Fossati (thomas.fossati@nokia.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)