TLSWG,

We have submitted draft-09 of the Delegated Credentials draft. This draft
incorporates the reviews of -07 from the WGLC process as well as changes
from draft-08 from the list that weren't covered during the WGLC.

Here's a quick summary of the changes:
   draft-09
   *  Fix section bullets in 4.1.3.
   *  Add operational considerations section for clock skew
   *  Add text around using an oracle to forge DCs in the future and
      past
   *  Add text about certificate extension vs EKU
   draft-08
   *  Include details about the impact of signature forgery attacks
   *  Copy edits for readability
   *  Fix section about DC reuse
   *  Incorporate feedback from Jonathan Hammell and Kevin Jacobs on the
      list

Best,
Nick

---------- Forwarded message ---------
From: <internet-dra...@ietf.org>
Date: Fri, Jun 26, 2020 at 4:47 PM
Subject: New Version Notification for draft-ietf-tls-subcerts-09.txt
To: Richard Barnes <r...@ipv.sx>, Subodh Iyengar <sub...@fb.com>, Eric
Rescorla <e...@rtfm.com>, Nick Sullivan <n...@cloudflare.com>



A new version of I-D, draft-ietf-tls-subcerts-09.txt
has been successfully submitted by Nick Sullivan and posted to the
IETF repository.

Name:           draft-ietf-tls-subcerts
Revision:       09
Title:          Delegated Credentials for TLS
Document date:  2020-06-26
Group:          tls
Pages:          18
URL:            https://www.ietf.org/internet-drafts/draft-ietf-tls-subcerts-09.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/
Htmlized:       https://tools.ietf.org/html/draft-ietf-tls-subcerts-09
Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts
Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-subcerts-09

Abstract:
   The organizational separation between the operator of a TLS endpoint
   and the certification authority can create limitations.  For example,
   the lifetime of certificates, how they may be used, and the
   algorithms they support are ultimately determined by the
   certification authority.  This document describes a mechanism by
   which operators may delegate their own credentials for use in TLS,
   without breaking compatibility with peers that do not support this
   specification.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
