Hello tls-trust-anchor-ids authors, I'm working on a similar document[1] in a different area (in applications without WebPKI and TLS), where just like here, eventually there might be SVCB record would contain hints as to who the relevant trust anchors are.
In our work we're so far open as to whether data would be transported in SVCB records, or whether we'd rather emulate the path taken by DANE with TLSA records. Could you share a bit of the reasoning why the trust-anchor-ids document goes with SVCB records tather than using TLSA values with usage value 0 (trust anchor with PKIX validation)? Thanks Christian [1]: https://datatracker.ietf.org/doc/draft-lenders-core-dnr/ -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
