On Sat, Jan 28, 2023 at 08:35:40AM +0000, John Mattsson wrote:
> Thanks Ilari for that very fast and detailed answer. I made a PR to
> RFC8446bis to suggest adding “A node MAY use the same certificate as
> both server and client certificate.”, I don’t know if there should be
> more restrictions. The real practical problems seem to be cross-
> protocol attacks on the application layer where TLS is used for
> several application layer protocols.

I had an idea (but I never got to writing an I-D) of a PKIX certificate
extension that constrained the certificate to a specific set of
explicit TLS Application Layer Protocols.

E.g., constrain to {"http/1.1","h2","h3"} for an HTTP certificate,
or something like {"imap","submission"} (might need to register
extra ALPNs) for a user mailserver.



-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
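A sketch of what such an ALPN-constraint extension could look like in practice, added here as an illustration; it is not code from the thread, from any I-D, or from any TLS implementation. Everything concrete in it is an assumption: the OID is a placeholder under the private-enterprise arc and is not registered; the extension value is encoded as a DER SEQUENCE OF OCTET STRING (ALPN IDs are opaque byte strings); enforcement is placed in Go's crypto/tls `VerifyConnection` hook, where the peer certificate and the negotiated ALPN are both known; and a constrained certificate presented on a connection with no ALPN at all is treated as a violation. The certificate and the ALPN IDs used in `main` are constructed test values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// Placeholder OID under the private-enterprise arc; nothing like it is registered.
var oidALPNConstraint = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// ALPNConstraint decodes the permitted ALPN IDs (DER SEQUENCE OF OCTET STRING, as ALPN
// IDs are opaque bytes per RFC 7301). present is false if the cert has no constraint.
func ALPNConstraint(cert *x509.Certificate) (allowed []string, present bool, err error) {
	for _, ext := range cert.Extensions {
		if !ext.Id.Equal(oidALPNConstraint) {
			continue
		}
		var octets [][]byte
		if rest, err := asn1.Unmarshal(ext.Value, &octets); err != nil || len(rest) != 0 {
			return nil, true, fmt.Errorf("alpn constraint: malformed extension")
		}
		for _, o := range octets {
			allowed = append(allowed, string(o))
		}
		return allowed, true, nil
	}
	return nil, false, nil
}

// CheckALPN is the enforcement rule: a constrained certificate is acceptable only when the
// negotiated ALPN is in its set; no ALPN at all is rejected too (this demo's choice).
func CheckALPN(cert *x509.Certificate, negotiated string) error {
	allowed, present, err := ALPNConstraint(cert)
	if err != nil || !present {
		return err // malformed, or unconstrained: nothing to enforce
	}
	for _, p := range allowed {
		if negotiated != "" && p == negotiated {
			return nil
		}
	}
	return fmt.Errorf("negotiated ALPN %q not in certificate constraint %q", negotiated, allowed)
}

// NewCert self-signs an ECDSA P-256 certificate usable as both server and client certificate,
// carrying the constraint as a critical extension so that an unaware verifier rejects it.
func NewCert(name string, protocols []string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	octets := make([][]byte, len(protocols))
	for i, p := range protocols {
		octets[i] = []byte(p)
	}
	value, err := asn1.Marshal(octets)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		ExtraExtensions: []pkix.Extension{{Id: oidALPNConstraint, Critical: true, Value: value}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, err
}

// ClientConfig enforces the constraint in VerifyConnection, the hook where both the peer
// certificate and the negotiated ALPN are known, so a violation aborts the handshake.
func ClientConfig(protos []string) *tls.Config {
	return &tls.Config{
		NextProtos: protos, MinVersion: tls.VersionTLS13,
		VerifyConnection: func(cs tls.ConnectionState) error {
			return CheckALPN(cs.PeerCertificates[0], cs.NegotiatedProtocol)
		},
	}
}

func main() {
	cert, err := NewCert("example.test", []string{"http/1.1", "h2"})
	if err != nil {
		panic(err)
	}
	fmt.Println(CheckALPN(cert.Leaf, "h2"), CheckALPN(cert.Leaf, "imap"), CheckALPN(cert.Leaf, ""))
}
```

Two practical points. Marking the extension critical is what turns it from a hint into a constraint: RFC 5280 path validation, and Go's `x509.Verify`, reject a certificate carrying an unrecognised critical extension, so a peer that has never heard of the extension fails closed, while a peer that implements it has to remove the OID from `UnhandledCriticalExtensions` (for example in `VerifyPeerCertificate`) before chain validation will pass; `ClientConfig` above only shows the hook and omits `RootCAs`/`ServerName`, which a real client still needs. Second, the negotiated ALPN is part of the TLS 1.3 transcript authenticated by the Finished messages, so the value `CheckALPN` compares against cannot be altered by an on-path attacker; what the constraint adds is that a certificate issued for {"http/1.1","h2"} is of no use in a cross-protocol attack that relays the handshake to a client speaking a different application protocol, provided that client sends ALPN and enforces the check.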
