# ACME Meeting at IETF 112

Thursday, 11-Nov-2021 at 14:30 UTC

Notes: [notes](https://notes.ietf.org/notes-ietf-112-acme)

MeetEcho: [MeetEcho](https://meetings.conf.meetecho.com/ietf112/?group=acme&short=&item=1)

Jabber: [room](xmpp:acme@jabber.ietf.org?join) ; [logs](https://jabber.ietf.org/jabber/logs/acme/2021-11-11.html)

## Agenda

* Note Well, technical difficulties and administrivia (chairs) – 5 min
* IETF Code of Conduct (chairs) - 5 min
* Document Status (chairs) – 5 min
* draft-ietf-acme-dtnnodeid-06 (Sipos) - 10 min
* draft-aaron-acme-ari-01 (Gable) - 10 min
* draft-ietf-acme-integrations (Friel, Shekh-Yusef, Richardson) - 10 minutes
* draft-ietf-acme-subdomains (Friel, Barnes, Hollebeek, Richardson) - 10 minutes
* AOB - 5 min

## Notes

### Document Status

* star-delegation draft was published as RFC 9115
* authority-token-07 was posted; now in IETF Last Call
* authority-token-tnauthlist draft saw no changes
* end-user client and code signing draft got two new versions; please review
* authority-token and authority-token-tnauthlist will proceed to the IESG telechat together.

### DTN Node ID

* Now using the otherName form of SubjectAltName (BundleEID)
* Portions of earlier versions of this document updated DTN documents; these have been moved out to a separate document which is being adopted by the DTN WG and is informatively referenced here
* Three known issues (all editorial)
* Will continue to use "DTN Node ID" in the document, just to be clear that the document is related to the DTN WG

### ACME ARI Extension

* initial server implementation to Let’s Encrypt’s Staging environment
* renewalInfo URL is now constructable from subscriber certificate:
  * hex encoding of issuer key hash (SHA-1), issuer name hash (SHA-1), and serial
  * same approach to identify the certificate as used in OCSP
* only uses GET (not POST-as-GET)
* clarified client behavior in various extraordinary circumstances
* polling semantics are "wait X time", but also want a way to say come right back; considering changing how polling interval is communicated to client
* considering adding a "renewal has completed" endpoint; would let ACME CA revoke
* authors ask for adoption

### ACME Integrations

* address RFC7030 CSR Attributes gap by reference to draft-richardson-lamps-rfc7030-csrattrs
  * this document is blocked until the LAMPS document is done, but the rest of it can be reviewed now
* now uses RFC 8499 “DNS Terminology”

### ACME Subdomains

* Adopted by WG
* Terminology additions: Included RFC 8499 “DNS Terminology” definitions; will change JSON field names for alignment
* please review; getting close to done

### AOB

* possible future work on an ACME mechanism for single-use code signing certificates

### Charter Milestone Review

* all of the milestones are in the past
  * DTN Node ID -- December 2021
  * Subdomain -- March 2022
  * Integration -- March 2022
  * Code Signing -- July 2022