Hi all,

I am struggling with one issue that we have been seeing more and more often with the introduction of small IoT devices that connect to clouds via TLS and need to validate the cloud server's (or the other party's) certificate chain.

In particular, the problem is that without a reliable (or trusted) source of time information, devices cannot reliably validate certificates (i.e., is the certificate even valid? Is it expired? Is the revocation info fresh enough?), and my question for the list is about best practices in the space. The problem is even more problematic for devices with limited access to the network (e.g., access only to specific servers / cloud services) since no "external" source of time can be used.

Do you know if there are indications / best practices from ITU or from IETF (or other organizations) on how to deal with this issue? Has the issue been addressed somewhere?

Cheers,
Max

--
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
