Based on the comments during the last TLS WG meeting and the comments on the list, we've revised and submitted a new version of delegated credentials https://www.ietf.org/id/draft-rescorla-tls-subcerts-01.txt.
This has several salient changes from the previous version:

* We trimmed the fat in the custom structure. The only fields that remain are a time and a public key, the necessities.
* We changed the signature algorithm to sign not only the delegated structure, but also the EE certificate that issued it, as well as the TLS version that was negotiated. This has some advantages over proxy certificates and we describe these.
* In the previous draft we described several alternatives. At the last WG meeting no one seemed particularly thrilled about using name-constrained certs directly, but there was some enthusiasm around either the custom structure or proxy certificates. With the changes to signing in this draft, the custom structure has some clear advantages, so we cleaned up the draft to remove all the alternatives except the custom structure.
* Required the presence of an extension in the EE certificate to allow the use of delegated credentials.
* Clarified the behavior of TLS 1.3 and TLS 1.2 clients and servers.

I hope that the cleanup in this draft will make it much easier to discuss going forward.

Subodh
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls