A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Using TLS in Applications WG of the IETF.
Title : Update to Verifying TLS Server Identities with X.509
Certificates
Author : Rich Salz
Filename : draft-ietf-uta-use-san-00.txt
Pages : 5
Date : 2021-04-01
Abstract:
In the decade since [RFC6125] was published, the
subjectAlternativeName extension (SAN), as defined in [RFC5280] has
become ubiquitous. This document updates [RFC6125] to specify that
the fall-back techniques of using the commonName attribute to
identify the service must not be used. This document also places
some limitations on the use of wildcards in SAN fields.
The original context of [RFC6125] using X.509 certificates for server
identity with Transport Layer Security (TLS), is not changed.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-uta-use-san/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-uta-use-san-00.html
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
