Hi Watson, On Thu, Feb 6, 2025 at 8:10 PM Watson Ladd <watsonbl...@gmail.com> wrote:
> A negotiation where what is advertised is an inherently opaque > pointer, and where each side must maintain an idea of what that could > mean, does not have this property. Servers have to explicitly act to > support the new identifier by getting a configuration that includes > it. Whether or not this is indirectly away as part of ACME doesn't > really change the equation. New clients can't count on server support, > unless they advertise an already existing value. There's been various > ways to express deltas to try to solve this, but they all involve > paying a penalty for deviation. > > The dynamic I'm worried about most then isn't fracturing: as you point > out there are some countervailing forces where people want easy > support. Rather it's that we artificially drive up the price of > picking different CAs than the dominant implementation. I very much share the concerns you've articulated here: increased barriers to entry both for new CAs and for new clients which have different root-management policies than the existing dominant implementation, and outsized penalties for differing from a "well-known set" as might happen from having tighter requirements on CA operation over time. The opaque token seems like it could lead to the properties that you (and I) wish to avoid, but when expressing my support for the group taking up the draft, I felt that the specific identifier form for trust anchors was still mutable, and therefore that it wasn't a barrier to draft adoption. If I have misunderstood, and identifiers must inherently be opaque in that way for all forms of trust anchors negotiation, then I appreciate the correction! Mike
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
