All,
This version addresses the feedback I've received since IETF-116, namely:
- Using the ACME server's root certificate as the network identifier
- Highlighting where/how this fits with secure network connection
- Clarifying the trust model
- Adding security considerations WRT key material
As always, feedback and questions are appreciated!
> Begin forwarded message:
>> From: internet-drafts at ietf.org> Subject: New Version Notification for draft-sweet-iot-acme-04.txt
> Date: August 2, 2023 at 12:01:54 PM EDT
> To: "Michael Sweet" <msweet at msweet.org>
>>> A new version of I-D, draft-sweet-iot-acme-04.txt
> has been successfully submitted by Michael Sweet and posted to the
> IETF repository.
>> Name: draft-sweet-iot-acme
> Revision: 04
> Title: ACME-Based Provisioning of IoT Devices
> Document date: 2023-08-02
> Group: Individual Submission
> Pages: 13
> URL: https://www.ietf.org/archive/id/draft-sweet-iot-acme-04.txt> Status: https://datatracker.ietf.org/doc/draft-sweet-iot-acme/> Html: https://www.ietf.org/archive/id/draft-sweet-iot-acme-04.html> Htmlized: https://datatracker.ietf.org/doc/html/draft-sweet-iot-acme> Diff: https://author-tools.ietf.org/iddiff?url2=draft-sweet-iot-acme-04>> Abstract:
> This document extends the Automatic Certificate Management
> Environment (ACME) [RFC8555] to provision X.509 certificates for
> local Internet of Things (IoT) devices that are accepted by existing
> web browsers and other software running on End User client devices.
>>>>> The IETF Secretariat
>>
________________________
Michael Sweet
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20230802/3ddd564e/attachment.html>