This is not a TLS WG issue. -Ekr
On Wed, Mar 9, 2016 at 6:36 AM, Henry Story <[email protected]> wrote: > Hi, > > The W3C TAG is working on a finding for Client Certificates that > people here should find very interesting [1]. > > One issue that comes up a lot in discussions is the use of certificates > across origins [2], which some folks find problematic, even though it > clearly has its uses [3]. > > It seems that this could be solved neatly with an X509 extension > limiting usage to a certain origin or set of origins. I would not > be surprised if this already exists. With browser chrome support this > would allow the full range of uses from FIDO to cross origin ones > whilst putting the user in control. > > Henry > > > [1] https://github.com/w3ctag/client-certificates > [2] https://github.com/w3ctag/client-certificates/issues/1 > [3] > https://github.com/w3ctag/client-certificates/issues/1#issuecomment-194318303 > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
