Hello all,As suggested by some people from other WGs, I just wanted to cross-post this message here since the proposal heavily rely on DNS and can be leveraged in many different environments (e.g., Server and Client (browsers) authentication, document validation, IoT identities, etc.) and we would like to receive feedback from anybody who might be interested in the topic.
*Context. *We are currently working on specifying how to use DNS as a transport protocol for revocation information for digital certificates. In particular, we are working on how to leverage the distributed nature of DNS to efficiently (and possibly at a lower operational costs) distribute OCSP (Online Certificate Status Protocol) responses to applications/devices/etc.
*Current Status.* We started this work sometime ago but never really had the time to finish it. Now it seems we can focus more on the topic and would like to discuss this work in a more public venue. We have recently updated the two competing I-D we submitted sometime ago into the latest reference I-D that is available here:
https://datatracker.ietf.org/doc/draft-pala-odin/Please feel free to contact us for any help (you might require or you might provide), feedback, etc.
Thanks, Max -- Best Regards, Massimiliano Pala, Ph.D. OpenCA Labs Director OpenCA Logo
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
