[Uta] Re: [TLS] Is there any interest in an RFC on how to do cross-organization mTLS?

2024-09-10 Thread Olle E. Johansson
I agree here. The term “mTLS” is used more and more and there’s no specification. If we could document a few profiles for it, like internal use in a system, cross-organisation etc that would be beneficial. /O > On 10 Sep 2024, at 09:16, John Mattsson > wrote: > > I would be very supportive o

Re: [Uta] Second WGLC for draft-ietf-uta-rfc7525bis-05

2022-02-14 Thread Olle E. Johansson
> On 14 Feb 2022, at 16:46, Salz, Rich > wrote: > > I’ve tried to register ALPN for SIP/2.0 for a long time now, but fail to get > responses and confusing ones. > > I don’t recall seeing the request, and I am one of the designated experts for > the TLS registries. I wonder where you asked

Re: [Uta] Second WGLC for draft-ietf-uta-rfc7525bis-05

2022-02-14 Thread Olle E. Johansson
From the draft: “Protocol developers are strongly encouraged to register an ALPN identifier for their protocols. This applies to new protocols, as well as well-established protocols such as SMTP.” I’ve tried to register ALPN for SIP/2.0 for a long time now, but fail to get responses and confus

Re: [Uta] Second WGLC for draft-ietf-uta-rfc7525bis-05

2022-02-14 Thread Olle E. Johansson
A nit-picking small comment. The abstract ends like this: This document was published as RFC 7525 when the industry was in the midst of its transition to TLS 1.2. Years later this transition is largely complete and TLS 1.3 is widely available. Given the new environment, updated guidance is need

Re: [Uta] Adoption of draft-rsalz-use-san

2021-03-14 Thread Olle E. Johansson
> On 14 Mar 2021, at 16:46, Alexey Melnikov wrote: > > Hi, > >> On 14 Mar 2021, at 14:47, Valery Smyslov wrote: >> >> >> Hi, >> >> this message starts 2 weeks formal adoption call for draft-rsalz-use-san. >> The call will end on Sunday 28 March. > > I support adoption of this document.

Re: [Uta] Short term client certs and long lived connections!

2021-01-12 Thread Olle E. Johansson
> On 8 Jan 2021, at 17:38, Viktor Dukhovni wrote: > > On Fri, Jan 08, 2021 at 11:34:44AM +0100, Olle E. Johansson wrote: > >> I am working on a project where we issue short term client TLS certs, >> with just a few days lifespan. >> >> I realized that in

[Uta] Short term client certs and long lived connections!

2021-01-08 Thread Olle E. Johansson
Hi! I am working on a project where we issue short term client TLS certs, with just a few days lifespan. I realized that in some protocols, like SIP, MQTT, XMPP, we have quite long lived client connections over connection-oriented protocols. During those connections, a cert may expire. I hav

Re: [Uta] Client Certificates in RFC 7925

2020-05-27 Thread Olle E. Johansson
> On 27 May 2020, at 08:49, Hannes Tschofenig > wrote: > > Hi all, > > I wanted to bring up another topic that may need to be clarified in > draft-tschofenig-uta-tls13-profile-04 > > RFC 7925 says the following about client certificates: > > <> > “4.4.

Re: [Uta] Recommendations for network operators regarding TLS usage by apps?

2014-10-22 Thread Olle E Johansson
Dan York wrote 2014-10-22 23:09: Question for the group - while UTA is chartered to document best practices for TLS clients and servers, and to create a document for application protocol developers... has anyone developed a document for network operators about recommendations for how they

Re: [Uta] Hostname validation and other missing details

2014-08-18 Thread Olle E. Johansson
On 18 Aug 2014, at 17:11, Paul Hoffman wrote: > On Aug 17, 2014, at 5:38 PM, Will Sargent wrote: > >> Rather than "please implement the RFC correctly", I'd say "please test that >> your implementation correctly implements hostname verification, using >> dnschef or another spoofer. I have an