Re: [Acme] draft-ietf-acme-client-05 and key attestations

2022-07-27 Thread Kathleen Moriarty
The client draft is adopted as a WG item, so if the WG would like to move in that direction, I am of course happy to support it. If it makes sense to keep the client-focused authentication challenges as a separate draft, that is fine too. Additional reviews on the existing text would be good or

[Acme] Quick review of draft-bweeks-acme-device-attest-00

2022-07-27 Thread Thomas Fossati
Hi Brandon, I’ve just read your draft and I find it very interesting. One clarifying question: Is the mechanism you describe limited to certifying keys that are hosted in HW? Or could it also cover the case of an ephemeral / short-term keypair that resides in a TEE? Three short notes: *