On Fri, Aug 24, 2018 at 04:09:43PM +0200, Mounira Msahli wrote:
> Hi all,
> 
> 
> The draft: TLS 1.3 Authentication using IEEE 1609.2/ETSI TS 103097 
> certificates is updated in accordance with TLS 1.3: 
> https://tools.ietf.org/html/draft-tls-certieee1609-01
> 
> This document describes the use of certificates specified by the Institute of 
> Electrical and Electronics Engineers IEEE1609.2 and the European 
> Telecommunications Standards Institute ETSI TS 103097. These standards are 
> defined in order to secure communications in vehicular environments. 
> 
> This extension is very useful and has become a pressing need for 
> (Vehicle-To-Internet(V2Internet), Vehicle-To-Cloud(V2Cloud),...). 
> 
> We are soliciting feedback from the WG on the draft.

Some quick comments:

- I did not see requirements on where to place the end-entity certificate
  anywhere. I think most TLS code outright assumes that the end-entity
  certificate is the first one.
- More generally, I did not see it specified how the certificate chain
  is laid out to the individual certificate fields (it is fairly
  obvious, but should still be specified).
- The examples could have multiple certificate types in ClientHello to
  more clearly show what is actually going on.
- You should also specify use in TLS 1.2 in the same draft (or say that
  is prohibited). This is so one only needs one reference for the
  codepoint allocation.
- I found the document quite hard to read due to various editorial
  issues.


-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
