Markdown Version | Session Recording

Session Date/Time: 10 Nov 2022 15:30

acme

Summary

The ACME working group meeting covered document status, including updates on several drafts, notably the Authority Token and TN Auth List, DTN Node ID, and Device Attestation drafts. A new challenge type, DNS Account 01, was presented. Discussions focused on coordinating attestation formats across working groups and addressing potential CAB Forum implications for the proposed DNS Account 01.

Key Discussion Points

• Authority Token and TN Auth List: Authority Token is approved and will be in RFC TQS. TN Auth List has some outstanding issues but should be resolved by December.
• DTN Node ID: Progress is blocked awaiting a DTN registry update. The ACME working group is comfortable with parking the document until the DTN dependency is resolved.
• Acme Integrations: Revised AP needed.
• Device Attestation: Coordination needed across ITF working groups (ACME, LAMPS) and external consortia on the attestation encapsulation format. There are implementations from Apple and Smallstep.
• DNS Account 01: A new DNS challenge type was presented to address multi-region deployments and zero-downtime migrations. Further review is needed, particularly regarding potential CAB Forum baseline requirement issues.

Decisions and Action Items

• Authority Token: No action required.
• TN Auth List: Author team to finalize changes by December.
• DTN Node ID: Document will be parked with the AD until the DTN registry update progresses.
• Device Attestation: A call for working group adoption will be sent to the mailing list. Need more review.
• DNS Account 01: A call for working group adoption will be sent to the mailing list. Author team to investigate potential CAB Forum baseline requirement issues.

Next Steps

• Send adoption calls to the mailing list for the Device Attestation and DNS Account 01 drafts.
• Authors of TN Auth List need to deliver final changes by December.
• Track progress of the DTN registry update before moving forward with the DTN Node ID draft.
• Encourage increased review of the Device Attestation draft on the mailing list.
• Discuss potential CAB Forum implications for the DNS Account 01 draft on the mailing list.