[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-09 Thread Salz, Rich
Nice careful reading, Valery. EKR is right we need to test if this will work in practice. In particular, what are the chances that network middleboxes will reject it? :) ___ Uta mailing list -- uta@ietf.org To unsubscribe send an email to uta-le...@ie

[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-09 Thread Eric Rescorla
I see you're correct. I should have checked more closely rather than just trusting my memory. We would probably need some testing to see what happens in practice, of course. -Ekr On Thu, Jan 9, 2025 at 5:21 AM Valery Smyslov wrote: > Hi, > > > > On Mon, Jan 6, 2025 at 9:31 PM Watson Ladd wro

[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-09 Thread Valery Smyslov
Hi, On Mon, Jan 6, 2025 at 9:31 PM Watson Ladd < watsonbl...@gmail.com> wrote: On Mon, Jan 6, 2025 at 6:14 PM Eric Rescorla mailto:e...@rtfm.com> > wrote: > > > > On Mon, Jan 6, 2025 at 11:31 AM Michael Richardson > wrote: >> >>

[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-07 Thread Eric Rescorla
On Mon, Jan 6, 2025 at 9:31 PM Watson Ladd wrote: > On Mon, Jan 6, 2025 at 6:14 PM Eric Rescorla wrote: > > > > > > > > On Mon, Jan 6, 2025 at 11:31 AM Michael Richardson < > mcr+i...@sandelman.ca> wrote: > >> > >> > >> Please note and respect the Reply-To: uta@ietf.org. > >> > >> > >> > >> 4. F

[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

2025-01-06 Thread Watson Ladd
On Mon, Jan 6, 2025 at 6:14 PM Eric Rescorla wrote: > > > > On Mon, Jan 6, 2025 at 11:31 AM Michael Richardson > wrote: >> >> >> Please note and respect the Reply-To: uta@ietf.org. >> >> >> >> 4. Find a sensible way to extend RFC6066 to accomodote other forms of SNI. >> There isn't an IANA regis