On Tue, Oct 30, 2018 at 09:41:25AM -0700, Watson Ladd wrote:
> Dear all,
>
> Maybe I don't understand the draft, but I am reading how the signature on
> the Delegated Credential is computed and I don't see where we put the
> credential into the data that is signed. Shouldn't we include the
> Credential in the data over which the signature is computed?

Yeah, took a look, does not look like credential structure is included.

Additionally, the text contains reference to DelegatedCredential.scheme,
which I do not see definition of (no structure contains field named
"scheme").

Looks like things got borked between -01 and -02. More specifically,
in this commit:

commit db7339bb1f6f3b643e3358217d663273a9cabba5
Author: Christopher Patton
Date:   Thu Jul 26 11:17:09 2018 -0700

    Drop "must-use-DC" and implement changes for draft-02

I presume the 5. and 6. in signed list should be:

5. DelegatedCredential.cred
6. DelegatedCredential.algorithm

(or perhaps vice versa; they are .algorithm and .scheme right now)

-Ilari
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
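
An added illustration of the issue raised in this thread, not code from the draft or from either poster: it shows that a signature whose input omits the credential still verifies after the credential is replaced. The byte layout, the key and certificate values, and the use of HMAC in place of the certificate's signature algorithm are all assumptions made for the example.

```python
import hashlib
import hmac
import struct
from typing import Optional

# All values below are constructed. HMAC stands in for the certificate's
# signature algorithm, and the byte layout is an assumption, not the draft's.
DELEGATION_KEY = b"constructed-end-entity-key"
CONTEXT = b"constructed delegated credential context"
CERT = b"constructed-end-entity-certificate"
ALGORITHM = 0x0403  # TLS SignatureScheme ecdsa_secp256r1_sha256


def encode_cred(valid_time: int, public_key: bytes) -> bytes:
    """Hypothetical credential encoding: lifetime, then length-prefixed key."""
    return struct.pack(">IH", valid_time, len(public_key)) + public_key


def signed_input(cred: Optional[bytes]) -> bytes:
    """Bytes covered by the signature; cred=None models leaving cred out."""
    data = CONTEXT + b"\x00" + struct.pack(">H", len(CERT)) + CERT
    data += struct.pack(">H", ALGORITHM)
    if cred is not None:
        data += struct.pack(">H", len(cred)) + cred
    return data


def sign(data: bytes) -> bytes:
    return hmac.new(DELEGATION_KEY, data, hashlib.sha256).digest()


def verify(data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(data), signature)


def accepts_swapped_credential(bind_cred: bool) -> bool:
    """Sign for one credential, then verify the same signature for another."""
    issued = encode_cred(7 * 24 * 3600, b"constructed-key-A")
    swapped = encode_cred(7 * 24 * 3600, b"constructed-key-B")
    signature = sign(signed_input(issued if bind_cred else None))
    return verify(signed_input(swapped if bind_cred else None), signature)


if __name__ == "__main__":
    print("cred omitted, swap accepted:", accepts_swapped_credential(False))
    print("cred included, swap accepted:", accepts_swapped_credential(True))
```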