Re: [TLS] Trust Expressions Follow-up

2024-03-04 Thread Orie Steele
Thanks for your thoughtful reply. Inline:

On Sat, Mar 2, 2024 at 9:21 PM David Benjamin wrote:
> Hi Orie,
>
> Thanks for the note! I'm not very familiar with the SCITT work, so I can't
> speak to it directly. But perhaps I can try to describe what we're trying
> to achieve for TLS, and that mig

Re: [TLS] Trust Expressions Follow-up

2024-03-02 Thread David Benjamin
Hi Orie, Thanks for the note! I'm not very familiar with the SCITT work, so I can't speak to it directly. But perhaps I can try to describe what we're trying to achieve for TLS, and that might help you determine whether it applies to SCITT? We're looking here to address problems caused by single-

Re: [TLS] Trust Expressions Follow-up

2024-03-01 Thread Orie Steele
I found the CDDL in the appendix intriguing: https://davidben.github.io/tls-trust-expressions/draft-davidben-tls-trust-expr.html#appendix-A In SCITT, we've been kicking around a related concept... It's had several names, all of which have led to confusion, so I will not repeat them here, but I wa

Re: [TLS] Trust Expressions Follow-up

2024-02-29 Thread Rob Sayre
On Thu, Feb 29, 2024 at 4:31 PM David Benjamin wrote: > Oh, I should have added: I put together an informal "explainer"-style > document to try to describe the high-level motivations and goals a bit > better. The format is adapted more from the web platform end [...] > There is a very uncharitab

Re: [TLS] Trust Expressions Follow-up

2024-02-29 Thread David Benjamin
Oh, I should have added: I put together an informal "explainer"-style document to try to describe the high-level motivations and goals a bit better. The format is adapted more from the web platform end, which likes to have separate explainer and specification documents, but it seemed a good style f

Re: [TLS] Trust Expressions Follow-up

2024-02-29 Thread David Benjamin
Circling back to this thread, we're now looking at prototyping the TLS parts in BoringSSL, on both the client (Chrome) and the server side. Let us know if you have any thoughts on the proposal! (Nothing that would prevent us from changing details, of course. But as there are a lot of pieces here,

Re: [TLS] Trust Expressions Follow-up

2024-01-26 Thread Ilari Liusvaara
On Fri, Jan 26, 2024 at 12:52:44PM -0500, David Benjamin wrote:
> On Fri, Jan 26, 2024 at 5:15 AM Ilari Liusvaara
> wrote:
>
> > On Thu, Jan 25, 2024 at 05:00:19PM -0500, David Benjamin wrote:
> > >
> > > Second, I wanted to take a step back and try to better articulate our
> > > goals. I think t

Re: [TLS] Trust Expressions Follow-up

2024-01-26 Thread David Benjamin
On Fri, Jan 26, 2024 at 5:15 AM Ilari Liusvaara wrote:
> On Thu, Jan 25, 2024 at 05:00:19PM -0500, David Benjamin wrote:
> >
> > Second, I wanted to take a step back and try to better articulate our
> > goals. I think the best way to look at this draft is in three parts:
> >
> > 1. A new multi-ce

Re: [TLS] Trust Expressions Follow-up

2024-01-26 Thread Ilari Liusvaara
On Thu, Jan 25, 2024 at 05:00:19PM -0500, David Benjamin wrote:
>
> Second, I wanted to take a step back and try to better articulate our
> goals. I think the best way to look at this draft is in three parts:
>
> 1. A new multi-certificate deployment model (the overall goal)
>
> 2. Selecting cer