On Wed, Apr 12, 2017 at 12:31 PM, Sean Turner <s...@sn3rd.com <mailto:s...@sn3rd.com>> wrote: All,
At our IETF 98 session, there was support in the room to adopt draft-rescorla-tls-subcerts [0]. We need to confirm this support on the list so please let the list know whether you support adoption of the draft and are willing to review/comment on the draft before 20170429. If you object to its adoption, please let us know why. Clearly, the WG is going to need to work through the trade-offs between short-lived certificates and sub-certs because both seem, to some, to be addressing the same problem. Cheers, J&S [0] https://datatracker.ietf.org/doc/html/draft-rescorla-tls-subcerts <https://datatracker.ietf.org/doc/html/draft-rescorla-tls-subcerts> I want to see a solution to this problem, but I think we should look at RFC 3820, X.509 Proxy Certificate Profile. I know that this was implemented, but I do not know if it is still in use. Russ
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
