[Uta] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

On Mon, Jan 6, 2025 at 11:31 AM Michael Richardson wrote: > > Please note and respect the Reply-To: uta@ietf.org. > > 4. Find a sensible way to extend RFC6066 to accomodote other forms of SNI. > There isn't an IANA registry for this. > Just as a technical matter, it's not really possible to ext

[Uta] Re: [lamps] IoT certificate profile vs TLS SNI and subjectAltName

On 1/6/25, 2:32 PM, "Michael Richardson" mailto:mcr+i...@sandelman.ca>> wrote: In https://github.com/thomas-fossati/draft-tls13-iot/issues/65 I ask why draft-ietf-uta-tls13-iot-profile suggests that IoT devices that have certificates

[Uta] IoT certificate profile vs TLS SNI and subjectAltName

Please note and respect the Reply-To: uta@ietf.org. TL;DR> Help us avoid stuffing non-DNS strings into SubjectAltName dNSName when doing device to device (D)TLS. In https://github.com/thomas-fossati/draft-tls13-iot/issues/65 I ask why draft-ietf-uta-tls13-iot-profile suggests that IoT dev

[Uta] Re: [TLS] Re: [Ace] IoT certificate profile vs TLS SNI and subjectAltName

On Mon, Jan 6, 2025 at 6:14 PM Eric Rescorla wrote: > > > > On Mon, Jan 6, 2025 at 11:31 AM Michael Richardson > wrote: >> >> >> Please note and respect the Reply-To: uta@ietf.org. >> >> >> >> 4. Find a sensible way to extend RFC6066 to accomodote other forms of SNI. >> There isn't an IANA regis