Martin Thomson raised an issue Github (Issue #5 <https://github.com/tlswg/tls-exported-authenticator/issues/5>) suggesting that we modify the exported authenticators draft to include the ability to incorporate a CertificateRequest into an authenticator. I have put together a set of changes to the draft to incorporate this suggestion: https://github.com/tlswg/tls-exported-authenticator/pull/9
The advantage of this change is that it provides a more explicit binding between a request for an authenticator (which includes TLS extensions) and the authenticator itself. This change also significantly simplifies the HTTP/2 Additional Certificates draft <https://tools.ietf.org/html/draft-bishop-httpbis-http2-additional-certs-04> that depends on exported authenticators. I presented this change at IETF 100 and there were no objections. Comments welcome, Nick
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
