On Wed, Jul 16, 2025 at 10:32 PM Muhammad Usama Sardar < [email protected]> wrote:
> Please see inline: > > On 17.07.25 02:57, Eric Rescorla wrote: > > Thanks for the information. I have read that draft, but wasn't sure which > version you were > favoring. > > Please accept my apologies for not announcing clearly on the list. The > super set of authors of both drafts have a full consensus that > draft-fossati-tls-exported-attestation is a preferable option. > > I'll try to provide some comments. > > Thank you. For comments on draft-fossati-tls-exported-attestation, please > keep [email protected] also in the loop because this is what the > proposed WG will use as a starting point. > > Right. However, the actual data is in CERT. > > Correct, but just to clarify, my point was that in both cases (Client as > Attester and Server as Attester), the negotiation is symmetric and ends in > EE. So I don't see any asymmetry from negotiation perspective. As I > understood, your main point was about asymmetry in negotiation. > I think we'll have to agree to disagree here: in the Client as attester the client announces what it can do and the server tells it what it wants. In Server as attester the client says what it wants and the server tells it what it will do. That's unnecessarily inconsistent. -Ekr
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
