This is not a TLS WG issue. -Ekr
On Wed, Mar 9, 2016 at 6:36 AM, Henry Story <henry.st...@bblfish.net> wrote: > Hi, > > The W3C TAG is working on a finding for Client Certificates that > people here should find very interesting [1]. > > One issue that comes up a lot in discussions is the use of certificates > across origins [2], which some folks find problematic, even though it > clearly has its uses [3]. > > It seems that this could be solved neatly with an X509 extension > limiting usage to a certain origin or set of origins. I would not > be surprised if this already exists. With browser chrome support this > would allow the full range of uses from FIDO to cross origin ones > whilst putting the user in control. > > Henry > > > [1] https://github.com/w3ctag/client-certificates > [2] https://github.com/w3ctag/client-certificates/issues/1 > [3] > https://github.com/w3ctag/client-certificates/issues/1#issuecomment-194318303 > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls