I support the adoption of this draft On Sun, Mar 14, 2021 at 12:32 AM Salz, Rich <rsalz= [email protected]> wrote:
> I presented this at SECDISPATCH, which said “get thee to UTA” > > > > The draft is short, five pages, and updates RFC 6125 as described below. > 6125 was AD sponsored. > > > > The draft below addresses some feedback given during the SECDISPATCH > session. > > > > Name: draft-rsalz-use-san > > Revision: 01 > > Title: Update to Verifying TLS Server Identities with > X.509 Certificates > > Document date: 2021-03-13 > > Group: Individual Submission > > Pages: 5 > > URL: > https://www.ietf.org/archive/id/draft-rsalz-use-san-01.txt > > Status: https:/datatracker.ietf.org/doc/draft-rsalz-use-san/ > > Html: > https://www.ietf.org/archive/id/draft-rsalz-use-san-01.html > > Htmlized: https://tools.ietf.org/html/draft-rsalz-use-san-01 > > Diff: > https://www.ietf.org/rfcdiff?url2=draft-rsalz-use-san-01 > > > > Abstract: > > In the decade since [RFC6125] was published, the > > subjectAlternativeName extension (SAN), as defined in [RFC5280] has > > become ubiquitous. This document updates [RFC6125] to specify that > > the fall-back techniques of using the commonName attribute to > > identify the service must not be used. This document also places > > some limitations on the use of wildcards in SAN fields. > > > > The original context of [RFC6125], using X.509 certificates for > > server identity with Transport Layer Security (TLS), is not changed. > > > _______________________________________________ > Uta mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/uta > -- SY, Dmitry Belyavsky
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
