I agree with Hannes that X.509 extensions need to be done in LAMPS, because that is where the expertise is. thanks, -rohan
On Wed, Feb 26, 2025, 08:48 Hannes Tschofenig <hannes.tschofe...@h-brs.de> wrote: > (chair hat off) > > Hi Filip, Hi all, > > this sounds like feature creep to me. I brought this work on status > lists to the attention of the IETF LAMPS group, and there was zero > interest from the PKI community in this type of solution. The PKIX > community already has a wide range of established solutions for > revocation and status checking. > > Steffen could propose such an extension within LAMPS, if he cares about > it. LAMPS is the place to define extensions to X.509 certificates. > > Ciao > Hannes > > > Am 26.02.2025 um 17:18 schrieb Filip Skokan: > > I believe it is inappropriate and wildly out of scope for an oauth > > document to define X.509 extensions, which IIUC is needed in order to > > define the Status Claim for X.509? The important thing to make sure is > > that the document does not preclude a future X.509 extension being > > drafted (wherever its appropriate place may be) that makes use of the > > status list, and that already appears to be the case. > > > > S pozdravem, > > *Filip Skokan* > > > > > > On Fri, 7 Feb 2025 at 14:57, Christian Bormann > > <chris.bormann=40gmx...@dmarc.ietf.org> wrote: > > > > Hi all, > > > > While going through the feedback and issues on github, there was > > one bigger discussion point that we would like to bring to the > > mailing list. Steffen Schwalm asked for support for X.509 > > Certificate revocation with the Status List - in that case the > > Status List describing the status of an X.509 Certificate > > (relevant issue > > https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/243 > ). > > That would mean defining an extension to X.509 to embed the > > relevant information for a Status List (URI and index) and > > creating validation rules etc. > > > > While we understand the general motivation as is discussed in more > > detail in the issue, it would be somewhat of a change of scope for > > the Status List draft. We felt it might be out of scope of the > > OAuth Working Group and rather in scope of other working groups > > like lamps? Any comments/opinions would be appreciated! > > > > Best Regards, > > > > Christian Bormann > > > > _______________________________________________ > > OAuth mailing list -- oauth@ietf.org > > To unsubscribe send an email to oauth-le...@ietf.org > > > > > > _______________________________________________ > > OAuth mailing list -- oauth@ietf.org > > To unsubscribe send an email to oauth-le...@ietf.org > > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-le...@ietf.org >
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
