* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Acme Status Pages

Automated Certificate Management Environment (Active WG)
Sec Area: Roman Danyliw, Benjamin Kaduk | 2015-Jun-26 —  

2021-07-09 charter

Automated Certificate Management Environment (acme)


 Current Status: Active

     Deb Cooley <decoole@nsa.gov>
     Deb Cooley <debcooley1@gmail.com>
     Yoav Nir <ynir.ietf@gmail.com>

 Security Area Directors:
     Roman Danyliw <rdd@cert.org>
     Benjamin Kaduk <kaduk@mit.edu>

 Security Area Advisor:
     Roman Danyliw <rdd@cert.org>

 Mailing Lists:
     General Discussion: acme@ietf.org
     To Subscribe:       https://www.ietf.org/mailman/listinfo/acme
     Archive:            https://mailarchive.ietf.org/arch/browse/acme/

Description of Working Group:

  Historically, issuance of certificates for Internet applications
  (e.g., web servers) has involved many manual identity validation steps
  by the certification authority (CA).  The ACME WG will specify
  conventions for automated X.509 certificate management, including
  validation of control over an identifier, certificate issuance,
  certificate renewal, and certificate revocation.  The initial focus of
  the ACME WG will be on domain name certificates (as used by web
  servers), but other uses of certificates can be considered as work

  ACME certificate management must allow the CA to verify, in an
  automated manner, that the party requesting a certificate has authority
  over the requested identifiers, including the subject and subject
  alternative names.  The processing must also confirm that the requesting
  party has access to the private key that corresponds to the public key
  that will appear in the certificate.  All of the processing must be done
  in a manner that is compatible with common service deployment
  environments, such as hosting environments.

  ACME certificate management must, in an automated manner, allow an
  authorized party to request revocation of a certificate.

  The ACME working group is specifying ways to automate certificate
  issuance, validation, revocation and renewal.  The ACME working
  group is not reviewing or producing certificate policies or

  The starting point for ACME WG discussions shall be draft-barnes-acme.

Goals and Milestones:
  Apr 2021 - ACME integration with with EST, BRSKI and TEAP use cases submitted to IESG
  Apr 2021 - Delay-Tolerant Networking (DTN) extensions submitted to IESG
  Jul 2021 - End user client and code signing certificates extension submitted to IESG or abandoned
  Done     - Initial working group draft
  Done     - Submit working group draft to IESG as Proposed Standard
  Done     - TNAuthlist extension submitted to IESG
  Done     - S/MIME extension submitted to IESG
  Done     - Profile for delegated STAR certificates submitted to IESG

All charter page changes, including changes to draft-list, rfc-list and milestones:

Generated from PyHt script /wg/acme/charters.pyht Latest update: 24 Oct 2012 16:51 GMT -