I concur with Filip's perspective. On Wed, Feb 26, 2025, 4:21 PM Filip Skokan <panva...@gmail.com> wrote:
> I believe it is inappropriate and wildly out of scope for an oauth > document to define X.509 extensions, which IIUC is needed in order to > define the Status Claim for X.509? The important thing to make sure is that > the document does not preclude a future X.509 extension being drafted > (wherever its appropriate place may be) that makes use of the status list, > and that already appears to be the case. > > S pozdravem, > *Filip Skokan* > > > On Fri, 7 Feb 2025 at 14:57, Christian Bormann <chris.bormann= > 40gmx...@dmarc.ietf.org> wrote: > >> Hi all, >> >> >> >> While going through the feedback and issues on github, there was one >> bigger discussion point that we would like to bring to the mailing list. >> Steffen Schwalm asked for support for X.509 Certificate revocation with the >> Status List - in that case the Status List describing the status of an >> X.509 Certificate (relevant issue >> https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/243). >> That would mean defining an extension to X.509 to embed the relevant >> information for a Status List (URI and index) and creating validation rules >> etc. >> >> >> >> While we understand the general motivation as is discussed in more detail >> in the issue, it would be somewhat of a change of scope for the Status List >> draft. We felt it might be out of scope of the OAuth Working Group and >> rather in scope of other working groups like lamps? Any >> comments/opinions would be appreciated! >> >> >> >> Best Regards, >> >> Christian Bormann >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org >> To unsubscribe send an email to oauth-le...@ietf.org >> > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-le...@ietf.org > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
