Hi all,
On the suggestion of Shuping, I'm adding artarea and witarea who may be able to
provide feedback on the draft. Copy pasting the abstract here
Many Internet protocols rely on public key cryptography and assume Origins to
distribute keys to Clients. This draft provides recommendations for protocols
that expose key directories over HTTP.
The draft is available on the datatracker
athttps://datatracker.ietf.org/doc/draft-darling-key-directory-over-http/
Thank you,
Thibault
On Thursday, February 13th, 2025 at 11:00 AM, Thibault Meunier
<[email protected]> wrote:
> Hi all,
>
> Many Internet protocols rely on public key cryptography and assume Origins to
> distribute keys to Clients. This draft provides recommendations for protocols
> that expose key directories over HTTP.
>
> The draft is available on the datatracker at
> https://datatracker.ietf.org/doc/draft-darling-key-directory-over-http/
>
> We couldn’t identify an existing working group that fits, as it spans
> multiple areas—HTTP, cryptography, and key distribution (JOSE/COSE/…).
>
> At a high level, the draft presents some existing key directories, and
> recommends that protocols define:
> 1. A deterministic key ID,
> 2. A deterministic key selection algorithm for Clients,
> 3. Cache header relations to key material (expiry, not before),
> 4. A well-known URL.
>
> We welcome feedback and suggestions on the appropriate venue for this work,
> and on the proposal itself.
>
> Thank you,
> Fisher, Simon, Thibault
--
Witarea mailing list -- [email protected]
To unsubscribe send an email to [email protected]
