Automated Certificate Management Environment (ACME) TLS Application-Layer Protocol Negotiation (ALPN) Challenge Extension
draft-ietf-acme-tls-alpn-07
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2020-02-20
|
07 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2020-02-10
|
07 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2020-01-07
|
07 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2019-10-25
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2019-10-23
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2019-10-23
|
07 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2019-10-18
|
07 | (System) | RFC Editor state changed to EDIT |
2019-10-18
|
07 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2019-10-18
|
07 | (System) | Announcement was received by RFC Editor |
2019-10-18
|
07 | Gunter Van de Velde | Assignment of request for Last Call review by OPSDIR to Joe Clarke was marked no-response |
2019-10-17
|
07 | (System) | IANA Action state changed to In Progress |
2019-10-17
|
07 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2019-10-17
|
07 | Amy Vezza | IESG has approved the document |
2019-10-17
|
07 | Amy Vezza | Closed "Approve" ballot |
2019-10-17
|
07 | Amy Vezza | Ballot approval text was generated |
2019-10-17
|
07 | Roman Danyliw | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed |
2019-10-03
|
07 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2019-10-02
|
07 | Amanda Baber | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
2019-10-02
|
07 | Amanda Baber | Waiting for ACME review and at least one more TLS approval. |
2019-10-02
|
07 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2019-10-02
|
07 | Éric Vyncke | [Ballot comment] Thank you for this well-written and easy to read document. I have only one COMMENT: Would it be useful to specify the use … [Ballot comment] Thank you for this well-written and easy to read document. I have only one COMMENT: Would it be useful to specify the use of "IPv4 or IPv6 address" rather than simply the implicit "address" that I read as indeed IPv4/IPv6 but being explicit will not hurt. -éric |
2019-10-02
|
07 | Éric Vyncke | [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke |
2019-10-01
|
07 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2019-10-01
|
07 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2019-10-01
|
07 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-07.txt |
2019-10-01
|
07 | (System) | New version accepted (logged-in submitter: Roland Shoemaker) |
2019-10-01
|
07 | Roland Shoemaker | Uploaded new revision |
2019-10-01
|
06 | Warren Kumari | [Ballot comment] Thank you for this clear, easy to understand and useful document. |
2019-10-01
|
06 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2019-10-01
|
06 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund |
2019-09-30
|
06 | Adam Roach | [Ballot comment] Thanks for all the work that has gone into creating a viable TLS-based mechanism for ACME validation. I have one fairly important (yet … [Ballot comment] Thanks for all the work that has gone into creating a viable TLS-based mechanism for ACME validation. I have one fairly important (yet trivial to fix) comment, and a small number of editorial suggestions. I also have read through the ARTART review, and endorse Martin's comments. Please respond to that review, and incorporate his suggestions as you feel appropriate. --------------------------------------------------------------------------- §1: > The Automatic Certificate Management Environment (ACME) [RFC8555] > standard specifies methods for validating control of domain names via > HTTP and DNS. As a fairly major comment, RFC 8555 is not a standard. See RFCs 2026 and 6410 for details. Please rephrase this text along the lines of: The Automatic Certificate Management Environment (ACME) [RFC8555] specification describes methods for validating control of domain names via HTTP and DNS. --------------------------------------------------------------------------- §3: > The TLS with Application Layer Protocol Negotiation (TLS ALPN) > validation method proves control over a domain name by requiring the > client to configure a TLS server to respond to specific connection > attempts utilizing the ALPN extension with identifying information. This took a couple of readings before I understood what it meant. It might make things clearer if the role of the client were clearer; e.g., "...by requiring the ACME client to configure a TLS server..." This is also true throughout much of this section, where "client" and "server" are used without qualification to talk about ACME clients and ACME servers. Consider qualifying such instances. --------------------------------------------------------------------------- §3: > The client prepares for validation by constructing a self-signed > certificate which MUST contain a acmeIdentifier extension Nit: "...contain an acmeIdentifier..." --------------------------------------------------------------------------- §3: > 3. The AMCE server initiates a TLS connection to the chosen IP > address, this connection MUST use TCP port 443. The ACME server > MUST provide a ALPN extension with the single protocol name > "acme-tls/1" and a SNI extension containing only the domain name > being validated during the TLS handshake. Nit: "...chosen IP address. This connection..." Nit: "...an ALPN..." Nit: "...an SNI..." --------------------------------------------------------------------------- §5: Unlike section 3, this section appears to use unqualified "server" to mean "HTTPS server" or somesuch, rather than "ACME server". These *definitely* need to be qualified. |
2019-09-30
|
06 | Adam Roach | Ballot comment text updated for Adam Roach |
2019-09-30
|
06 | Adam Roach | [Ballot comment] Thanks for all the work that has gone into creating a viable TLS-based mechanism for ACME validation. I have one fairly important (yet … [Ballot comment] Thanks for all the work that has gone into creating a viable TLS-based mechanism for ACME validation. I have one fairly important (yet trivial to fix) comment, and a small number of editorial suggestions. I also have read through the ARTART review, and endorse Martin's comments. Please respond to that review, and incorporate his suggestions as you feel appropriate. --------------------------------------------------------------------------- §1: > The Automatic Certificate Management Environment (ACME) [RFC8555] > standard specifies methods for validating control of domain names via > HTTP and DNS. As a fairly major comment, RFC 8555 is not a standard. See RFCs 2026 and 6410 for details. Please rephrase this text along the lines of: The Automatic Certificate Management Environment (ACME) [RFC8555] specification describes methods for validating control of domain names via HTTP and DNS. --------------------------------------------------------------------------- §3: > The TLS with Application Layer Protocol Negotiation (TLS ALPN) > validation method proves control over a domain name by requiring the > client to configure a TLS server to respond to specific connection > attempts utilizing the ALPN extension with identifying information. This took a couple of readings before I understood what it meant. It might make things clearer if the role of the client were clearer; e.g., "...by requiring the ACME client to configure a TLS server..." This is also true throughout much of this section, where "client" and "server" are used without qualification to talk about ACME clients and ACME servers. Consider qualifying such instances. --------------------------------------------------------------------------- §3: > The client prepares for validation by constructing a self-signed > certificate which MUST contain a acmeIdentifier extension Nit: "...contain an acmeIdentifier..." --------------------------------------------------------------------------- §3: > 3. The AMCE server initiates a TLS connection to the chosen IP > address, this connection MUST use TCP port 443. The ACME server > MUST provide a ALPN extension with the single protocol name > "acme-tls/1" and a SNI extension containing only the domain name > being validated during the TLS handshake. Nit: "...chosen IP address. This connection..." Nit: "...an ALPN..." Nit: "...an SNI..." --------------------------------------------------------------------------- §5: Unlike section 3, this section appears to use unqualified "server" to mean "HTTPS server" or somesuch, rather than "ACME" server. These *definitely* need to be qualified. |
2019-09-30
|
06 | Adam Roach | [Ballot Position Update] New position, Yes, has been recorded for Adam Roach |
2019-09-30
|
06 | Amanda Baber | Authors also need to send ALPN Protocol ID review request to RFC 8447 mailing list. |
2019-09-30
|
07 | (System) | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
2019-09-30
|
06 | Benjamin Kaduk | [Ballot comment] Please respond to the ARTART review; there's some good comments in there about constraining the permitted TLS versions/algorithms, the specifics of the acme-tls/1 … [Ballot comment] Please respond to the ARTART review; there's some good comments in there about constraining the permitted TLS versions/algorithms, the specifics of the acme-tls/1 (non-)protocol, the use of a different certificate model than RFC 5280, and the (non-)need to complete the TLS handshake. Section 1 "Because no existing software implements this protocol" is not going to age well; perhaps an approach more like "Because this protocol does not build on a preexisting deployment base" would do better. Section 7 the provider. When the TLS SNI challenge was designed it was assumed that a user would only be able to respond to TLS traffic via SNI for domain names they controlled (i.e. if User A registered Host A and User B registered Host B with a service provider that User A wouldn't be able to respond to SNI traffic for Host B). This turns out not to be a security property provided by a number of large service providers. [...] Perhaps I'm misremembering, but I don't think this characterizes exactly the situation that led to the TLS SNI challenge being deemed irredeemable: the issues arise when User B *has not yet* registered Host B, and either the registration validation at the provider was lax or User A could connive to get into the default-SNI handler. The *attack* was possible even when User B has registered Host B, because the validation used a subdomain, as we discuss below, but here we are talking about the SNI routing, which needed to be for an unregistered (or not-validly-registered) name. |
2019-09-30
|
06 | Benjamin Kaduk | [Ballot Position Update] New position, Yes, has been recorded for Benjamin Kaduk |
2019-09-30
|
06 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2019-09-30
|
06 | Martin Vigoureux | [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux |
2019-09-29
|
06 | Alexey Melnikov | [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov |
2019-09-28
|
06 | Yoav Nir | This document now replaces draft-shoemaker-acme-tls-alpn instead of None |
2019-09-26
|
06 | Barry Leiba | [Ballot comment] I have only editorial comments below. No response is needed — please just consider incorporating these, as I think they’ll help make the … [Ballot comment] I have only editorial comments below. No response is needed — please just consider incorporating these, as I think they’ll help make the document clearer. — Abstract — This document specifies a new challenge for the Automated Certificate Management Environment (ACME) protocol which allows for domain control validation using TLS. This needs “that” insted of “which”, making the clause restrictive. — Section 3 — Trailing'=' padding characters MUST be stripped. There’s a space missing after “trailing”. The client prepares for validation by constructing a self-signed certificate which MUST contain a acmeIdentifier extension and a “That”, not “which”. The ACME server MUST provide a ALPN extension with the single protocol name "acme-tls/1" and a SNI extension containing only the domain name Change “a” to “an” in both places (unless you realy say “snee” instead of “ess en eye”). — Section 5 — The first assumption is that when a server is being used to serve content for multiple DNS names from a single IP address that it properly segregates control of those names to the users that own The second “that” needs to go; the first one covers it. a TLS request using a SNI value for Host A Again, “an”, unless… — Section 7 — The TLS ALPN challenge exists to replace the TLS SNI challenge defined in the early ACME drafts. This challenge was convenient for service providers who were either operating large TLS layer load What is the antecedent to “this”? Is it th ALPN challenge, or the SNI challenge? I have no idea; please clarify. A security issue was discovered in the TLS SNI challenge by Frans Rosen which allowed users of various service providers to The phrasing would be better this way, to avoid separation of the connected parts (the TLS SNI challenge was not by Frans Rosen): NEW A security issue in the TLS SNI challenge was discovered by Frans Rosen, which allowed users of various service providers to END (i.e. if User A registered Host A and User B registered Host B with a service provider that User A wouldn't be able to respond to SNI traffic for Host B). First, “i.e.” needs a comma after it. Second, I can’t parse this at all. Can you please rephrase it so it makes sense? This turns out not to be a security property provided by a number of large service providers. NEW It turns out that a number of large service providers do not honor this property. END Because of this users were able to respond to SNI traffic I’ve ignored a lot of missing commas, but this one really needs one after “this”. This meant that if User A and User B had registered Host A and Host B respectively User A would be able to claim the SNI name for Host B and when the validation connection was made that User A would be able to answer, proving 'control' of Host B. Comma needed both before and after “respectively”, and another after “made”. — Section 8 — and especially Frans Rosen who discovered the vulnerability in the TLS SNI method which necessitated the writing of this specification. Add a comma after “Rosen”, and change “which” to “that”. |
2019-09-26
|
06 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2019-09-26
|
06 | Roman Danyliw | IESG state changed to IESG Evaluation from Waiting for Writeup |
2019-09-26
|
06 | Cindy Morgan | Placed on agenda for telechat - 2019-10-03 |
2019-09-26
|
06 | Roman Danyliw | Ballot has been issued |
2019-09-26
|
06 | Roman Danyliw | [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw |
2019-09-26
|
06 | Roman Danyliw | Created "Approve" ballot |
2019-09-26
|
06 | Roman Danyliw | Ballot writeup was changed |
2019-09-25
|
06 | Daniel Migault | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Daniel Migault. Sent review to list. |
2019-09-25
|
06 | Sabrina Tanamal | IANA Experts State changed to Reviews assigned |
2019-09-25
|
06 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2019-09-25
|
06 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-acme-tls-alpn-06. If any part of this review is inaccurate, please let … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-acme-tls-alpn-06. If any part of this review is inaccurate, please let us know. The IANA Functions Operator has a question about one of the actions requested in the IANA Considerations section of this document. The IANA Functions Operator understands that, upon approval of this document, there are three actions which we must complete. First, in the SMI Security for PKIX Certificate Extension registry on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at: https://www.iana.org/assignments/smi-numbers/ the existing registration for Decimal: 31 Description: id-pe-acmeIdentifier References: [draft-ietf-acme-tls-alpn] will have its reference changed to [ RFC-to-be ]. Second, in the TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs registry on the Transport Layer Security (TLS) Extensions registry page located at: https://www.iana.org/assignments/tls-extensiontype-values/ a new registration is to be made as follows: Protocol: ACME-TLS/1 Identification Sequence: 0x61 0x63 0x6d 0x65 0x2d 0x74 0x6c 0x73 0x2f 0x31 ("acme-tls/1") Reference: [ RFC-to-be ] As this section requests registrations in a Specification Required (see RFC 8126) registry, the IESG-designated experts for the the TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs registry have asked that you send a review request to the mailing list specified in RFC 8447. Expert review will need to be completed before your document can be approved for publication as an RFC. Third, in the ACME Validation Methods registry on the Automated Certificate Management Environment (ACME) Protocol registry page located at: https://www.iana.org/assignments/acme/ a new registration is to be made as follows: Label: tls-alpn-01 Identifier Type: dns ACME: Reference: [ RFC-to-be ] IANA Question --> Should the entry for "ACME" for this registration be "Y" or "N?" As this also requests registration in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. Expert review will need to be completed before your document can be approved for publication as an RFC. The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed. Thank you, Sabrina Tanamal Senior IANA Services Specialist |
2019-09-25
|
06 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2019-09-20
|
06 | Linda Dunbar | Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Linda Dunbar. Sent review to list. |
2019-09-19
|
06 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Joe Clarke |
2019-09-19
|
06 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Joe Clarke |
2019-09-17
|
06 | Martin Thomson | Request for Last Call review by ARTART Completed: Ready with Nits. Reviewer: Martin Thomson. Sent review to list. |
2019-09-16
|
06 | Suhas Nandakumar | Request for Last Call review by ARTART is assigned to Martin Thomson |
2019-09-16
|
06 | Suhas Nandakumar | Request for Last Call review by ARTART is assigned to Martin Thomson |
2019-09-12
|
06 | Jean Mahoney | Request for Last Call review by GENART is assigned to Linda Dunbar |
2019-09-12
|
06 | Jean Mahoney | Request for Last Call review by GENART is assigned to Linda Dunbar |
2019-09-12
|
06 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Daniel Migault |
2019-09-12
|
06 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Daniel Migault |
2019-09-11
|
06 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2019-09-11
|
06 | Amy Vezza | The following Last Call announcement was sent out (ends 2019-09-25): From: The IESG To: IETF-Announce CC: rdd@cert.org, Daniel McCarney , draft-ietf-acme-tls-alpn@ietf.org, acme@ietf.org, … The following Last Call announcement was sent out (ends 2019-09-25): From: The IESG To: IETF-Announce CC: rdd@cert.org, Daniel McCarney , draft-ietf-acme-tls-alpn@ietf.org, acme@ietf.org, cpu@letsencrypt.org, acme-chairs@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (ACME TLS ALPN Challenge Extension) to Proposed Standard The IESG has received a request from the Automated Certificate Management Environment WG (acme) to consider the following document: - 'ACME TLS ALPN Challenge Extension' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2019-09-25. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies a new challenge for the Automated Certificate Management Environment (ACME) protocol which allows for domain control validation using TLS. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-acme-tls-alpn/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-acme-tls-alpn/ballot/ No IPR declarations have been submitted directly on this I-D. |
2019-09-11
|
06 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2019-09-11
|
06 | Roman Danyliw | Last call was requested |
2019-09-11
|
06 | Roman Danyliw | Last call announcement was generated |
2019-09-11
|
06 | Roman Danyliw | Ballot approval text was generated |
2019-09-11
|
06 | Roman Danyliw | Ballot writeup was generated |
2019-09-11
|
06 | Roman Danyliw | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2019-09-05
|
06 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2019-09-05
|
06 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-06.txt |
2019-09-05
|
06 | (System) | New version approved |
2019-09-05
|
06 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2019-09-05
|
06 | Roland Shoemaker | Uploaded new revision |
2019-06-21
|
05 | Roman Danyliw | Second AD Review: https://mailarchive.ietf.org/arch/msg/acme/YW9rho7i1YjLd32k-MDYX4p2dSU |
2019-03-27
|
05 | Cindy Morgan | Shepherding AD changed to Roman Danyliw |
2019-03-27
|
05 | Eric Rescorla | This still needs a new draft. |
2019-03-27
|
05 | Eric Rescorla | This still needs a new draft. |
2018-12-24
|
05 | Eric Rescorla | https://mozphab-ietf.devsvcdev.mozaws.net/D5386 |
2018-12-24
|
05 | Eric Rescorla | IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested |
2018-08-27
|
05 | Rich Salz | # Technical Summary The ACME-TLS-ALPN draft extends the Automatic Certificate Management Environment (ACME) with a new domain validation challenge type (tls-alpn-01) that can be performed … # Technical Summary The ACME-TLS-ALPN draft extends the Automatic Certificate Management Environment (ACME) with a new domain validation challenge type (tls-alpn-01) that can be performed at the TLS layer alone. This challenge type meets the need of users (hosting providers, CDNs, etc) who wish to prove authorization of a DNS identifier withoout modifying HTTP handling behaviour or updating DNS zone data. This is the spiritual successor to the deprecated/removed TLS-SNI-01/02 challenge types from earlier ACME drafts. # Working Group Summary Earlier drafts specified a id-pe-acmeIdentifier OID that was already assigned by IANA. This has been addressed in the latest draft. The ASN.1 format of the id-pe-acmeIdentifier was also both simplified (removing an unneeded subarc from the OID) and clarified (to emphasize the SHA-256 digest value). # Document Quality Let's Encrypt, a high-volume ACME based CA, has fully implemented the tls-alpn-01 challenge type and has been issuing certificates in production using this challenge type since July 12th, 2018. Multiple independent ACME clients have implemented support for this challenge type. The overall document quality is high. Developing an implementation based on the specification text is reasonable. Interoperable client/server implementations exist and are in use in a production setting. # Personnel The document shepard is Daniel McCarney. The responsible area director is Eric Rescorla. # IRTF Note Not applicable # IESG Note Not applicable # IANA Note There are three IANA considerations in Section 5. The "SMI Security for PKIX Certificate Extension (1.3.6.1.5.5.7.1)" table requires an update. The "Application-Layer Protocol Negotiation (ALPN) Protocol IDs" table needs an update. The "ACME Validation Methods" table requires an update. |
2018-08-27
|
05 | Rich Salz | Responsible AD changed to Eric Rescorla |
2018-08-27
|
05 | Rich Salz | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2018-08-27
|
05 | Rich Salz | IESG state changed to Publication Requested |
2018-08-27
|
05 | Rich Salz | IESG process started in state Publication Requested |
2018-08-27
|
05 | Rich Salz | Changed consensus to Yes from Unknown |
2018-08-27
|
05 | Rich Salz | Intended Status changed to Proposed Standard from None |
2018-08-27
|
05 | Rich Salz | Changed document writeup |
2018-08-20
|
05 | Rich Salz | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2018-08-20
|
05 | Rich Salz | Notification list changed to Daniel McCarney <cpu@letsencrypt.org> |
2018-08-20
|
05 | Rich Salz | Document shepherd changed to Daniel McCarney |
2018-08-17
|
05 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-05.txt |
2018-08-17
|
05 | (System) | New version approved |
2018-08-17
|
05 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2018-08-17
|
05 | Roland Shoemaker | Uploaded new revision |
2018-08-15
|
04 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-04.txt |
2018-08-15
|
04 | (System) | New version approved |
2018-08-15
|
04 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2018-08-15
|
04 | Roland Shoemaker | Uploaded new revision |
2018-08-13
|
03 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-03.txt |
2018-08-13
|
03 | (System) | New version approved |
2018-08-13
|
03 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2018-08-13
|
03 | Roland Shoemaker | Uploaded new revision |
2018-08-13
|
02 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-02.txt |
2018-08-13
|
02 | (System) | New version approved |
2018-08-13
|
02 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2018-08-13
|
02 | Roland Shoemaker | Uploaded new revision |
2018-07-25
|
01 | Rich Salz | IETF WG state changed to In WG Last Call from WG Document |
2018-05-30
|
01 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-01.txt |
2018-05-30
|
01 | (System) | New version approved |
2018-05-30
|
01 | (System) | Request for posting confirmation emailed to previous authors: Roland Shoemaker |
2018-05-30
|
01 | Roland Shoemaker | Uploaded new revision |
2018-03-02
|
00 | Roland Shoemaker | New version available: draft-ietf-acme-tls-alpn-00.txt |
2018-03-02
|
00 | (System) | WG -00 approved |
2018-03-02
|
00 | Roland Shoemaker | Set submitter to "Roland Bracewell Shoemaker ", replaces to (none) and sent approval email to group chairs: acme-chairs@ietf.org |
2018-03-02
|
00 | Roland Shoemaker | Uploaded new revision |