tlswg,

After incorporating feedback from the working group, we have published draft 02 of Delegated Credentials. It contains the following changes from draft -01:

(*) indicates changes to the wire protocol.

- Change public key type. (*)
- Change DelegationUsage extension to be NULL and define its object identifier.
- Drop support for TLS 1.2.
- Add the protocol version and credential signature algorithm to the Credential structure. (*)
- Specify undefined behavior in a few cases: when the client receives a DC without indicated support; when the client indicates the extension in an invalid protocol version; and when DCs are sent as extensions to certificates other than the end-entity certificate.

Nick

On Fri, Aug 17, 2018 at 11:19 AM <internet-dra...@ietf.org> wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
>
>         Title           : Delegated Credentials for TLS
>         Authors         : Richard Barnes
>                           Subodh Iyengar
>                           Nick Sullivan
>                           Eric Rescorla
>         Filename        : draft-ietf-tls-subcerts-02.txt
>         Pages           : 12
>         Date            : 2018-08-17
>
> Abstract:
>    The organizational separation between the operator of a TLS server
>    and the certification authority can create limitations. For example,
>    the lifetime of certificates, how they may be used, and the
>    algorithms they support are ultimately determined by the
>    certification authority. This document describes a mechanism by
>    which operators may delegate their own credentials for use in TLS,
>    without breaking compatibility with clients that do not support this
>    specification.
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tls-subcerts-02
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts-02
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-subcerts-02
>
> Please note that it may take a couple of minutes from the time of
> submission until the htmlized version and diff are available at
> tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls