On Sat, Jan 28, 2023 at 08:35:40AM +0000, John Mattsson wrote:
> Thanks Ilari for that very fast and detailed answer. I made a PR to
> RFC8446bis to suggest adding “A node MAY use the same certificate as
> both server and client certificate.”, I don’t know if there should be
> more restrictions. The real practical problems seem to be cross-protocol
> attacks on the application layer where TLS is used for several
> application layer protocols.
I had an idea (but I never got to writing an I-D) of a PKIX certificate
extension that constrained the certificate to a specific set of explicit
TLS Application Layer Protocols. E.g., constrain to {"http/1.1","h2","h3"}
for an HTTP certificate, or something like {"imap","submission"} (might
need to register extra ALPNs) for a user mailserver.

-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
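A sketch of how such an ALPN-constraint extension could be encoded and then enforced by a TLS peer after the handshake, as an added example that is not from the thread, from any I-D, or from any TLS implementation: the ASN.1 shape (SEQUENCE OF OCTET STRING holding RFC 7301 protocol-name bytes), the placeholder OID, and the rule that a constrained certificate fails when no ALPN is negotiated are all assumptions. The sample "certificates" are constructed and carry only the extension map.

```python
from __future__ import annotations

from typing import Iterable, Optional

# Hypothetical extension, modelled on the idea in the message above (not from any I-D):
#   ALPNConstraints ::= SEQUENCE SIZE (1..MAX) OF ProtocolName
#   ProtocolName    ::= OCTET STRING (SIZE (1..255))  -- RFC 7301 ProtocolName bytes
# Placeholder OID; a real extension would need an assigned arc.
ALPN_CONSTRAINTS_OID = "1.3.6.1.4.1.99999.1"

_TAG_SEQUENCE = 0x30
_TAG_OCTET_STRING = 0x04


def _der_length(n: int) -> bytes:
    """Definite-form DER length octets, minimally encoded."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _der_length(len(content)) + content


def encode_alpn_constraints(protocols: Iterable[bytes]) -> bytes:
    """Encode the extension value for the given ALPN protocol names."""
    protos = list(protocols)
    if not protos:
        raise ValueError("constraint list must not be empty")
    if any(not 1 <= len(p) <= 255 for p in protos):
        raise ValueError("ALPN protocol name must be 1..255 bytes")
    return _der_tlv(_TAG_SEQUENCE,
                    b"".join(_der_tlv(_TAG_OCTET_STRING, p) for p in protos))


def _read_tlv(buf: bytes, pos: int) -> tuple[int, bytes, int]:
    """Parse one TLV at buf[pos:]; rejects indefinite and non-minimal lengths."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        nbytes = first & 0x7F
        raw = buf[pos:pos + nbytes]
        if nbytes == 0 or nbytes > 4 or len(raw) != nbytes:
            raise ValueError("bad length encoding")
        length = int.from_bytes(raw, "big")
        if raw[0] == 0 or length < 0x80:
            raise ValueError("non-minimal length")
        pos += nbytes
    content = buf[pos:pos + length]
    if len(content) != length:
        raise ValueError("truncated content")
    return tag, content, pos + length


def decode_alpn_constraints(der: bytes) -> list[bytes]:
    """Strictly decode the extension value back into a list of protocol names."""
    tag, body, end = _read_tlv(der, 0)
    if tag != _TAG_SEQUENCE or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    protos, pos = [], 0
    while pos < len(body):
        tag, content, pos = _read_tlv(body, pos)
        if tag != _TAG_OCTET_STRING or not 1 <= len(content) <= 255:
            raise ValueError("expected OCTET STRING of 1..255 bytes")
        protos.append(content)
    if not protos:
        raise ValueError("constraint list must not be empty")
    return protos


def alpn_allowed_by_cert(extensions: dict[str, tuple[bool, bytes]],
                         negotiated_alpn: Optional[bytes]) -> bool:
    """Post-handshake check: does the peer certificate permit the negotiated ALPN?

    `extensions` maps OID -> (critical, DER value), as a certificate library
    would expose it. Assumed rules: no extension means no constraint; an
    extension with no ALPN negotiated is a failure (otherwise simply omitting
    ALPN would bypass the constraint); otherwise the name must be listed.
    """
    entry = extensions.get(ALPN_CONSTRAINTS_OID)
    if entry is None:
        return True
    _critical, value = entry
    allowed = decode_alpn_constraints(value)
    return negotiated_alpn is not None and negotiated_alpn in allowed


if __name__ == "__main__":
    # Constructed sample certificates, reduced to their extension map.
    web = {ALPN_CONSTRAINTS_OID: (True, encode_alpn_constraints([b"http/1.1", b"h2", b"h3"]))}
    mail = {ALPN_CONSTRAINTS_OID: (True, encode_alpn_constraints([b"imap", b"submission"]))}
    print(alpn_allowed_by_cert(web, b"h2"))    # True
    print(alpn_allowed_by_cert(web, b"imap"))  # False: web cert refused for IMAP
    print(alpn_allowed_by_cert(mail, None))    # False: ALPN omitted
```

The check belongs next to hostname verification in whichever peer validates the certificate; it only has teeth if the peer also refuses connections where ALPN was not negotiated, which is why that case is treated as a failure here. Marking the extension critical makes validators that do not understand it reject the certificate outright, which protects against the cross-protocol case but breaks every legacy relying party; leaving it non-critical keeps compatibility but means only updated peers enforce it.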