> On 27 May 2020, at 08:49, Hannes Tschofenig <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hi all,
>
> I wanted to bring up another topic that may need to be clarified in
> draft-tschofenig-uta-tls13-profile-04
>
> RFC 7925 says the following about client certificates:
>
> <>
> “4.4.2 <https://tools.ietf.org/html/rfc7925#section-4.4.2>. Certificates
> Used by Clients
>
> For client certificates, the identifier used in the SubjectAltName or
> in the leftmost CN component of subject name MUST be an EUI-64.
> “
>
Hmm. It doesn’t say how to include it in SAN fields. Anyone that understand how?
> It turns out that many IoT deployments use identifiers different than EUI-64
> numbers, and populate these identifiers in other places in the X.509
> certificate.
Agree
>
> I believe we have to update this recommendation to match deployment reality.
>
Sounds like a fair plan.
/O
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
