After sharing our first draft of TLS Trust Expressions <https://datatracker.ietf.org/doc/draft-davidben-tls-trust-expr/> and several discussions across a couple IETFs, we’d like to proceed with a call for working group adoption of this draft. We are currently prototyping trust expressions in BoringSSL & Chromium and will share more details when implementation is complete.
As we mentioned in our message to the mailing list from January, our primary goal is to produce a mechanism for supporting multiple subscriber certificates <https://github.com/davidben/tls-trust-expressions/blob/main/explainer.md> and efficiently negotiating which to serve on a given TLS connection, even if that ends up requiring significant changes to the draft in its current state. To that end, we’re interested in learning whether wg members support adoption of this deployment model and the currently-described certificate negotiation mechanism or if they oppose adoption (and why!).

Thanks!
David, Devon, and Bob