Hi Paul, Thank you for your comment. I would consider the distribution of key material out of scope for this protocol. Since this is can be an asynchronous distribution channel between mutually trusting parties, implementations may vary. As mentioned below, ACME may be suitable here, but I don't think we should be prescriptive. I'll clarify this in the next draft.
Nick On Wed, Apr 1, 2020 at 11:13 PM Paul Yang <kaishen.yy= [email protected]> wrote: > Hi all, > > When reading the latest draft of delegated credentials, I didn’t any > description about how to distribute a credential from the backend to > frontend. As described in the draft: > > Delegated credentials: > > Client Front-End Back-End > | |<--DC distribution->| > |----ClientHello--->| | > |<---ServerHello----| | > |<---Certificate----| | > |<---CertVerify-----| | > | ... | | > > Do we need to define some sorts of encoding schemes for the <DC > distribution> part? > > Regards, > > Paul Yang > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
