L. Perugini and I have written an I-D on the use of Verifiable Credentials [1][2] as an additional authentication mode in TLS. We presented the I-D to the ALLDISPATCH WG during IETF119 and the outcome was to explore the potential interest of the TLS WG. The I-D proposes to add (i) a new Certificate Type called VC in addition to X509 and RawPublicKey to the existing client_certificate_type and server_certificate_type extensions and (ii) a new extension called did_methods to carry the list of DID Methods supported by the endpoint to resolve the peer's DID during the validation of the Verifiable Credential. The I-D focuses on the IoT use case.
We are aware of the current discussion in the working group about new code points and would like to know your opinion in the case of this I-D and to explore the possible interest. Thank you in advance for your feedback. I-D: https://datatracker.ietf.org/doc/draft-vesco-vcauthtls/ Code: - Provider https://github.com/Cybersecurity-LINKS/openssl-ssi-provider - OpenSSL https://github.com/Cybersecurity-LINKS/openssl [1] https://www.w3.org/TR/vc-data-model-2.0/ [2] https://www.w3.org/TR/did-core/ _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
