How much of the TLS part of this objective is achieved by RFC 9102? -Ekr
On Mon, Nov 28, 2022 at 11:21 AM Ollie <me=40olliejc...@dmarc.ietf.org> wrote: > Hi folks, > > I'm new to the I-D/RFC process so apologies for any naivety! > > Firstly, I've done a quick search for any commentary around this but > haven't found anything specific - but let me know if I've likely missed > something. > > I want to propose a way for a user agent to trust self-signed > certificates. Is this best discussed here in TLS, or perhaps over at HTTP? > > In essence, I'm proposing that user agents should trust a fully DNSSEC > domain with a TLS certificate set up using DANE, along with changes to CT > log submission process to allow self-signed certificates (looking to > suggest via rfc9162). > > I've set up an example site and GitHub repo with more details: > - https://justselfsigned.org > - https://github.com/OllieJC/justselfsigned.org > > It'd be great to get your thoughts and support to progress this. > > Thanks, > Ollie > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
