> On 27 May 2020, at 08:49, Hannes Tschofenig <hannes.tschofe...@arm.com
> <mailto:hannes.tschofe...@arm.com>> wrote:
>
> Hi all,
>
> I wanted to bring up another topic that may need to be clarified in
> draft-tschofenig-uta-tls13-profile-04
>
> RFC 7925 says the following about client certificates:
>
> <>
> “4.4.2 <https://tools.ietf.org/html/rfc7925#section-4.4.2>. Certificates
> Used by Clients
>
> For client certificates, the identifier used in the SubjectAltName or
> in the leftmost CN component of subject name MUST be an EUI-64.
> “
>
Hmm. It doesn’t say how to include it in SAN fields. Anyone that understand how?
> It turns out that many IoT deployments use identifiers different than EUI-64
> numbers, and populate these identifiers in other places in the X.509
> certificate.
Agree
>
> I believe we have to update this recommendation to match deployment reality.
>
Sounds like a fair plan.
/O
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
