Hi Kyle, I just checked again, and connecting to https://www.facebook.com with a default version of Firefox uses Delegated Credentials. I'm not sure what test sites you're looking at, but the Facebook homepage works fine.
I'm not sure whether there's any UI in Firefox to tell you that you're using Delegated Credentials, but you can easily see it in e.g. Wireshark <https://www.wireshark.org/>. If you like I can share pcaps and repro instructions offthread. Regards, Jonathan On Mon, 17 Jul 2023, 23:49 Kyle Duren, <pixitha.k...@gmail.com> wrote: > I took some time today to try to test this, but sadly both the Mozilla and > Facebook test sites are totally missing, neither of them resolve anymore. > > Anyone have any other known test sites or have a contact at > Mozilla/Cloudflare/Meta? > > -Kyle > > On Jul 17, 2023, at 4:06 PM, Jonathan Hoyland <jonathan.hoyl...@gmail.com> > wrote: > > > Hi Andrei, > > In terms of browsers Firefox supports DCs, but I'm not aware of any other > browsers with support. > > Regards, > > Jonathan > > On Mon, 17 Jul 2023, 20:20 Andrei Popov, <andrei.po...@microsoft.com> > wrote: > >> A similar question for the client side: are there any Web browsers with >> Delegated Credentials support? >> >> >> >> Cheers, >> >> >> >> Andrei >> >> >> >> *From:* TLS <tls-boun...@ietf.org> *On Behalf Of * Jonathan Hoyland >> *Sent:* Monday, July 17, 2023 4:39 AM >> *To:* Ilari Liusvaara <ilariliusva...@welho.com> >> *Cc:* tls@ietf.org >> *Subject:* [EXTERNAL] Re: [TLS] RFC 9345 on Delegated Credentials for >> TLS and DTLS >> >> >> >> Hi Ilari, >> >> >> >> If you're looking for a currently live server www.facebook.com will >> serve you a Delegated Credential if you indicate support for it in your >> ClientHello. >> >> >> >> If you want other implementations to test against, Cloudflare's fork of >> Go >> <https://github.com/cloudflare/go/blob/cf/src/crypto/tls/delegated_credentials.go> >> has an implementation, and with some finagleing you can make boringssl >> support DCs too. >> >> >> >> Regards, >> >> >> >> Jonathan >> >> >> >> On Mon, 17 Jul 2023 at 07:46, Ilari Liusvaara <ilariliusva...@welho.com> >> wrote: >> >> On Thu, Jul 13, 2023 at 03:29:20PM -0700, rfc-edi...@rfc-editor.org >> wrote: >> > A new Request for Comments is now available in online RFC libraries. >> > >> > RFC 9345 >> > >> > Title: Delegated Credentials for TLS and DTLS >> > Author: R. Barnes, >> > S. Iyengar, >> > N. Sullivan, >> > E. Rescorla >> > Status: Standards Track >> > Stream: IETF >> > Date: July 2023 >> > Mailbox: r...@ipv.sx, >> > sub...@fb.com, >> > n...@cloudflare.com, >> > e...@rtfm.com >> > Pages: 17 >> > Updates/Obsoletes/SeeAlso: None >> > >> > I-D Tag: draft-ietf-tls-subcerts-15.txt >> > >> > URL: https://www.rfc-editor.org/info/rfc9345 >> > >> > DOI: 10.17487/RFC9345 >> >> Are there any known servers that support this (for quick interop check)? >> All the test servers I have found (three) seem to have been shut down. >> >> >> >> >> -Ilari >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> >> _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
