Hi,
This draft is very well written, I mainly have high level comments:
- I think there is an overlap between draft-ietf-tls-subcerts and
draft-tschofenig-tls-cwt, which also propose a form of delegated credentials.
CWT is an existing format, that draft supports delegation on both the client
a
On Wed, Apr 3, 2019, at 11:22 PM, John Mattsson wrote:
> Hi Christopher,
>
> Thanks for the clarifications.
>
> >You’re correct that this requires both endpoints to adopt the change
> >simultaneously. However, that does not contradict the quoted text, which
> >states that the protocol is not
On Thu, Apr 4, 2019, at 6:01 AM, Christopher Wood wrote:
>
>
> On Wed, Apr 3, 2019, at 11:22 PM, John Mattsson wrote:
> > Hi Christopher,
> >
> > Thanks for the clarifications.
> >
> > >You’re correct that this requires both endpoints to adopt the change
> > >simultaneously. However, that do
On 4/4/19 at 11:22 PM, john.matts...@ericsson.com (John
Mattsson) wrote:
I think "this requires both endpoints to adopt the change
simultaneously" is a problem as it makes it impossible to
introduce this mechanism in many existing deployments. I would
expect a solution that can be introduced
Dear all,
Apologies for the premature announcements, but kc2kdm.com is working
with delegated credentials version -03 (although the certificate has
an extra two bytes in the extension) Thanks to Christopher Patton and
Illari Liusvaara who have both confirmed it works with different
implementations
On Mon, Apr 01, 2019 at 06:09:16PM -0400, Victor Vasiliev wrote:
> This sounds reasonable to me. I currently don't have a plan for
> implementing this, but since zstd is well-defined and has an RFC published
> (that I can easily cite), I see no reason not to add it.
>
> I wrote up a PR: https://g
