Hi all,
This version represents our attempt to address feedback received during
the recent consensus call. The primary changes are:
1. Clarify the difference between service delegation and DNS delegation.
2. Clarify the difference between certificate wildcards and DNS wildcards.
3. Clarify that matching between presented identifiers in certificates
and reference identifiers in applications is based on A-labels.
4. Minimize text about internationalized domain names; instead, for the
most part we simply cite existing specifications regarding terminology.
The authors hope that this version is now ready to move forward.
Peter
On 3/2/23 10:50 AM, internet-dra...@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This Internet-Draft is a work item of the Using TLS in Applications WG of the
IETF.
Title : Service Identity in TLS
Authors : Peter Saint-Andre
Rich Salz
Filename : draft-ietf-uta-rfc6125bis-11.txt
Pages : 30
Date : 2023-03-02
Abstract:
Many application technologies enable secure communication between two
entities by means of Transport Layer Security (TLS) with Internet
Public Key Infrastructure Using X.509 (PKIX) certificates. This
document specifies procedures for representing and verifying the
identity of application services in such interactions.
This document obsoletes RFC 6125.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-uta-rfc6125bis/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-uta-rfc6125bis-11.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-uta-rfc6125bis-11
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
