TLSWG,
We have submitted draft-09 of the Delegated Credentials draft. This draft
incorporates the reviews of -07 from the WGLC process as well as changes
from draft-08 from the list that weren't covered during the WGLC.
Here's a quick summary of the changes:

draft-09
* Fix section bullets in 4.1.3.
* Add operational considerations section for clock skew
* Add text around using an oracle to forge DCs in the future and past
* Add text about certificate extension vs EKU

draft-08
* Include details about the impact of signature forgery attacks
* Copy edits for readability
* Fix section about DC reuse
* Incorporate feedback from Jonathan Hammell and Kevin Jacobs on the list
Best,
Nick
---------- Forwarded message ---------
From: <[email protected]>
Date: Fri, Jun 26, 2020 at 4:47 PM
Subject: New Version Notification for draft-ietf-tls-subcerts-09.txt
To: Richard Barnes <[email protected]>, Subodh Iyengar <[email protected]>, Eric Rescorla <[email protected]>, Nick Sullivan <[email protected]>
A new version of I-D, draft-ietf-tls-subcerts-09.txt
has been successfully submitted by Nick Sullivan and posted to the
IETF repository.
Name: draft-ietf-tls-subcerts
Revision: 09
Title: Delegated Credentials for TLS
Document date: 2020-06-26
Group: tls
Pages: 18
URL: https://www.ietf.org/internet-drafts/draft-ietf-tls-subcerts-09.txt
Status: https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/
Htmlized: https://tools.ietf.org/html/draft-ietf-tls-subcerts-09
Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-subcerts-09
Abstract:
The organizational separation between the operator of a TLS endpoint
and the certification authority can create limitations. For example,
the lifetime of certificates, how they may be used, and the
algorithms they support are ultimately determined by the
certification authority. This document describes a mechanism by
which operators may delegate their own credentials for use in TLS,
without breaking compatibility with peers that do not support this
specification.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls