This is not a TLS WG issue.

-Ekr


On Wed, Mar 9, 2016 at 6:36 AM, Henry Story <henry.st...@bblfish.net> wrote:

> Hi,
>
>   The W3C TAG is working on a finding for Client Certificates that
> people here should find very interesting [1].
>
> One issue that comes up a lot in discussions is the use of certificates
> across origins [2], which some folks find problematic, even though it
> clearly has its uses [3].
>
>  It seems that this could be solved neatly with an X509 extension
> limiting usage to a certain origin or set of origins. I would not
> be surprised if this already exists. With browser chrome support this
> would allow the full range of uses from FIDO to cross origin ones
> whilst putting the user in control.
>
> Henry
>
>
> [1] https://github.com/w3ctag/client-certificates
> [2] https://github.com/w3ctag/client-certificates/issues/1
> [3]
> https://github.com/w3ctag/client-certificates/issues/1#issuecomment-194318303
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to