From a very quick read of RFC 6698, what I'm doing differently is to add the ability for the TLS server to authenticate the client by using the client's registration GUID rather than DNS.

Karl.

-----Original Message-----
From: Paul Wouters [mailto:[email protected]]
Sent: Wednesday, September 11, 2013 11:51
To: Karl Malbrain
Cc: [email protected]
Subject: Re: [perpass] FW: proposed enhancement to TLS strong authentication protocol

On Wed, 11 Sep 2013, Karl Malbrain wrote:

> From: Karl Malbrain
> Sent: Wednesday, September 11, 2013 11:43
> To: 'Theodore Ts'o'
> Subject: RE: [perpass] proposed enhancement to TLS strong authentication protocol
>
> It's a WORM list. Users post requests to the list maintainers they trust
> with a GUID to register their public key, and then send this GUID as part of
> the TLS negotiation process.

Seems to me to be basically like an unscalable central version of the TLSA record?

https://tools.ietf.org/html/rfc6698

Paul

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
