Martin:

> Nitpicks accepted, pull requests preferred:
> 
> https://github.com/tlswg/tls13-spec/pull/317

It might be useful to remind people about the difference between self-signed 
certificates and self-issued certificates.  RFC 5280 says:

   Self-signed certificates are self-issued certificates where the digital
   signature may be verified by the public key bound into the
   certificate.  Self-signed certificates are used to convey a public
   key for use to begin certification paths.
   Self-issued certificates are CA certificates in which
   the issuer and subject are the same entity.

Self-issued certificates can appear in the middle of a path when a CA is doing 
key rollover and is doing old-signed-by-new and new-signed-by-old.  The 
rollover approach is described in RFC 2510; look for "key update".

Self-signed certificates are one very popular way to distribute the public key 
and distinguished name for a trust anchor.  The certification path validation 
procedures in Section 6 of RFC 5280 do not validate the signature on such a 
self-signed certificate.  It says:

   When the trust anchor is provided in the form of a self-signed
   certificate, this self-signed certificate is not included as part of
   the prospective certification path.

Russ
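
The two distinctions above, as an added worked example that is not part of Russ's message or of the TLS draft: Go's standard library is used to construct an RFC 2510 style key rollover with made-up names (`Example Root CA`, `www.example.test`), classify each certificate as self-issued and/or self-signed in the RFC 5280 section 3.2 sense, and run the signature-chaining step of RFC 5280 section 6 from a trust anchor that is kept out of the path. The helper names (`issue`, `isSelfIssued`, `isSelfSigned`, `validatePath`, `buildRollover`, `tamperedAnchor`) are this example's own, not anything from RFC 5280 or Go.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func mustKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

func mustParse(der []byte) *x509.Certificate {
	c, err := x509.ParseCertificate(der) // decodes only; no signature is verified here
	if err != nil {
		panic(err)
	}
	return c
}

// issue binds pub to subject cn, takes the issuer name from parent and signs with
// signer. A nil parent makes the template its own parent, i.e. self-signed.
func issue(serial int64, cn string, isCA bool, pub *ecdsa.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
	}
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	return mustParse(der)
}

// isSelfIssued: issuer and subject are the same entity (compared as DER names).
func isSelfIssued(c *x509.Certificate) bool {
	return bytes.Equal(c.RawIssuer, c.RawSubject)
}

// isSelfSigned: self-issued, and the signature verifies under the key bound into the certificate.
func isSelfSigned(c *x509.Certificate) bool {
	return isSelfIssued(c) && c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// validatePath is the signature-chaining core of RFC 5280 section 6. The anchor contributes
// only a name and a key: it is not part of the path and its own signature is never checked.
func validatePath(anchor *x509.Certificate, path ...*x509.Certificate) error {
	working := anchor
	for i, c := range path { // path runs from the anchor-issued certificate down to the leaf
		if !bytes.Equal(c.RawIssuer, working.RawSubject) {
			return fmt.Errorf("path[%d]: issuer does not match working issuer name", i)
		}
		if err := c.CheckSignatureFrom(working); err != nil { // also checks the issuer's cA flag
			return fmt.Errorf("path[%d]: %w", i, err)
		}
		working = c
	}
	return nil
}

// buildRollover constructs the RFC 2510 key-update scenario with made-up names. NewWithOld has
// the same issuer and subject but is signed by the old key: self-issued, yet not self-signed.
func buildRollover() (oldRoot, newByOld, leaf *x509.Certificate) {
	oldKey, newKey, leafKey := mustKey(), mustKey(), mustKey()
	oldRoot = issue(1, "Example Root CA", true, &oldKey.PublicKey, nil, oldKey)
	newByOld = issue(2, "Example Root CA", true, &newKey.PublicKey, oldRoot, oldKey)
	leaf = issue(3, "www.example.test", false, &leafKey.PublicKey, newByOld, newKey)
	return
}

// tamperedAnchor flips the last DER byte of root (inside its signature value). It still parses
// and still serves as a trust anchor, since path validation never checks the anchor's own signature.
func tamperedAnchor(root *x509.Certificate) *x509.Certificate {
	der := append([]byte(nil), root.Raw...)
	der[len(der)-1] ^= 0xff
	return mustParse(der)
}

func main() {
	oldRoot, newByOld, leaf := buildRollover()
	fmt.Println("NewWithOld self-issued:", isSelfIssued(newByOld), "self-signed:", isSelfSigned(newByOld))
	fmt.Println("old anchor path:", validatePath(oldRoot, newByOld, leaf), "| tampered anchor:", validatePath(tamperedAnchor(oldRoot), newByOld, leaf))
}
```

A relying party that still trusts only the old root reaches the new-key leaf through the self-issued NewWithOld certificate sitting in the middle of the path, which is the rollover case from RFC 2510. The last output line is the point of the second RFC 5280 quote: an anchor whose self-signature has been corrupted still anchors a valid path, because only its name and key are used. Trust in the anchor therefore comes entirely from how it got into the trust store, not from the signature on the self-signed certificate.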

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
