Re: [TLS] comments on draft-subcerts

2020-08-20 Thread Nick Sullivan
For some reason, I misinterpreted this request as putting a representation of the TLS extension into the document. An ASN.1 representation of the OID in the certificate is forthcoming.
Nick
On Thu, Aug 20, 2020 at 9:04 AM Salz, Rich wrote:
>
>
>- There are many RFCs that use the PEM encodin

Re: [TLS] comments on draft-subcerts

2020-08-20 Thread Russ Housley
Yes, my first comment was addressed.
Russ
> On Aug 20, 2020, at 9:19 AM, Salz, Rich wrote:
>
> I've attempted to address the comments here:
> https://github.com/tlswg/tls-subcerts/pull/80
>

Re: [TLS] comments on draft-subcerts

2020-08-20 Thread Salz, Rich
* There are many RFCs that use the PEM encoding to provide example certificates:
  -----BEGIN CERTIFICATE-----
  -----END CERTIFICATE-----
* Others use the output of dumpasn1 from Peter Gutmann.
If you ask I prefer PEM style, but can live with either.

Re: [TLS] comments on draft-subcerts

2020-08-20 Thread Russ Housley
There are many RFCs that use the PEM encoding to provide example certificates:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Others use the output of dumpasn1 from Peter Gutmann.
Either one would be fine with me.
Russ
> On Aug 19, 2020, at 10:32 PM, Nick Sullivan wrote:
>
>

Re: [TLS] comments on draft-subcerts

2020-08-20 Thread Salz, Rich
* I've attempted to address the comments here: https://github.com/tlswg/tls-subcerts/pull/80

Re: [TLS] comments on draft-subcerts

2020-08-19 Thread Nick Sullivan
Thank you Russ and Rich for your comments, I've attempted to address the comments here: https://github.com/tlswg/tls-subcerts/pull/80, save for the one about the example extension. Russ, which format do you think would be most useful for the extension? I'm having a hard time finding another exten

Re: [TLS] comments on draft-subcerts

2020-08-17 Thread Sofía Celi
Dear Nick and list,
The PR is here now: https://github.com/tlswg/tls-subcerts/pull/79
Looking forward to it being submitted to WGLC#2.
Thanks!
--
Sofía Celi
@claucece
http://claucece.github.io/
Cryptographic research and implementation at many places, but mainly at Cloudflare
FAB9 3EDC 7CDD 1198 DC

Re: [TLS] comments on draft-subcerts

2020-08-14 Thread Russ Housley
I have two comments:
1) The OID assignment for the ASN.1 module was assigned already by IANA. Please fill it in.
2) I think it would be very helpful to have an example of the extension in an Appendix. There was discussion on the list about it, and an error was found in the proposed example,

Re: [TLS] comments on draft-subcerts

2020-08-14 Thread Nick Sullivan
Thank you for the review, Sofía. I'm looking forward to the PR. Once that lands we'll submit a version of the doc with WGLC#2 comments incorporated.
Nick
On Thu, Aug 13, 2020 at 12:35 AM Sofía Celi wrote:
> Dear, list,
>
> Sorry for sending this past the last call.
>
> Few comments on the draft

Re: [TLS] comments on draft-subcerts

2020-07-14 Thread Russ Housley
Watson:
This does not look right to me. The extensions in the certificate are:
extensions=Extensions:
 Extension:
  extnID=2.5.29.15
  critical=True
  extnValue=0x03020780
 Extension:
  extnID=2.5.29.37
  critical=False
  extnValue=0x300a06082b06010505070301
 Extension: e

Re: [TLS] comments on draft-subcerts

2020-07-14 Thread Watson Ladd
On Tue, Jul 14, 2020 at 3:38 PM Salz, Rich wrote:
>
> I would love to see a sample cert and private key in “PEM format” and samples
> of the TLS extensions encoded, or even a simplified handshake dump.
https://github.com/tlswg/tls-subcerts/pull/77
>
>

Re: [TLS] comments on draft-subcerts

2020-07-14 Thread Salz, Rich
I would love to see a sample cert and private key in “PEM format” and samples of the TLS extensions encoded, or even a simplified handshake dump.
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] comments on draft-subcerts

2020-07-14 Thread Russ Housley
Rich:
> Sec 4.2 doesn’t seem to agree with the complete ASN1 in Appendix A. The
> latter has DelegatedCredentialExtn which is mentioned in prose and a TBD in
> 4.2 Perhaps a comment or some other words to tie them together? Or does
> that issue just go away when IANA does the registration?