FYI - Ben has, rightly, pointed out that we cannot request that TLS DEs set the Recommended column to “Y” until the draft is published as a standards track RFC. So, when the request is sent to the DEs the value will be “N”, but we will request that IANA change it during AUTH48. I do not believe this will impact the extension’s deployment, but I wanted to make sure the WG (and DEs) are aware that when we first request the assignment that the request of the TLS DE’s will not exactly match the text in the IANA considerations section.
Apologies for any confusion, spt > On Jan 22, 2020, at 12:17, Sean Turner <s...@sn3rd.com> wrote: > > Hi! > > The chairs want to determine whether we should ask for the assignments > requested in draft-ietf-tls-subcerts [0][1]. We believe the draft is stable > enough and that there is interest from multiple implementers. Please let the > WG know by 2359 UTC 05 February 2020 whether you disagree with these code > point allocations and why. > > What follows are the two request of IANA; one for the TLS DEs and one for the > PKIX DE: > > 1. TLS ExtensionType Registry Request > > This document registers the "delegated_credentials" extension in the > "TLS ExtensionType Values" registry. The "delegated_credentials" > extension has been assigned a code point of TBD. The IANA registry > lists this extension as "Recommended" (i.e., "Y") and indicates that > it may appear in the ClientHello (CH), CertificateRequest (CR), or > Certificate (CT) messages in TLS 1.3 [RFC8446]. > > 2. SMI Security for PKIX Registry Request > > This document also defines an ASN.1 module for the DelegationUsage > certificate extension in Appendix A. IANA is requested to register > an Object Identifier (OID) for the ASN.1 in "SMI Security for PKIX > Module Identifier" arc. An OID for the DelegationUsage certificate > extension is not needed as it is already assigned to the extension > from Cloudflare's IANA Private Enterprise Number (PEN) arc. > > Cheers, > > Joe, Chris, and Sean > > [0] https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/ > [1] https://github.com/tlswg/tls-subcerts _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
