+1 From: Uta <uta-boun...@ietf.org> on behalf of Dmitry Belyavsky <beld...@gmail.com> Date: Sunday, 14 March 2021 at 11:05 To: "Salz, Rich" <rsalz=40akamai....@dmarc.ietf.org> Cc: "uta@ietf.org" <uta@ietf.org> Subject: Re: [Uta] Requesting adoption of draft-rsalz-use-san
I support the adoption of this draft On Sun, Mar 14, 2021 at 12:32 AM Salz, Rich <rsalz=40akamai....@dmarc.ietf.org<mailto:40akamai....@dmarc.ietf.org>> wrote: I presented this at SECDISPATCH, which said “get thee to UTA” The draft is short, five pages, and updates RFC 6125 as described below. 6125 was AD sponsored. The draft below addresses some feedback given during the SECDISPATCH session. Name: draft-rsalz-use-san Revision: 01 Title: Update to Verifying TLS Server Identities with X.509 Certificates Document date: 2021-03-13 Group: Individual Submission Pages: 5 URL: https://www.ietf.org/archive/id/draft-rsalz-use-san-01.txt Status: https:/datatracker.ietf.org/doc/draft-rsalz-use-san/<http://datatracker.ietf.org/doc/draft-rsalz-use-san/> Html: https://www.ietf.org/archive/id/draft-rsalz-use-san-01.html Htmlized: https://tools.ietf.org/html/draft-rsalz-use-san-01 Diff: https://www.ietf.org/rfcdiff?url2=draft-rsalz-use-san-01 Abstract: In the decade since [RFC6125] was published, the subjectAlternativeName extension (SAN), as defined in [RFC5280] has become ubiquitous. This document updates [RFC6125] to specify that the fall-back techniques of using the commonName attribute to identify the service must not be used. This document also places some limitations on the use of wildcards in SAN fields. The original context of [RFC6125], using X.509 certificates for server identity with Transport Layer Security (TLS), is not changed. _______________________________________________ Uta mailing list Uta@ietf.org<mailto:Uta@ietf.org> https://www.ietf.org/mailman/listinfo/uta -- SY, Dmitry Belyavsky
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
