attachment
<div dir="ltr"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div>FYI - potentially useful in Cloud, SDN, and other scenarios<br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <span dir="auto"><<a href="mailto:internet-drafts@ietf.org">internet-drafts@ietf.org</a>></span><br>Date: Wed, Jun 3, 2020 at 3:52 PM<br>Subject: [TLS] I-D Action: draft-ietf-tls-subcerts-08.txt<br>To: <<a href="mailto:i-d-announce@ietf.org">i-d-announce@ietf.org</a>><br>Cc: <<a href="mailto:tls@ietf.org">tls@ietf.org</a>><br></div><br><br>
A New Internet-Draft is available from the on-line Internet-Drafts directories.<br>
This draft is a work item of the Transport Layer Security WG of the IETF.<br>
<br>
Title : Delegated Credentials for TLS<br>
Authors : Richard Barnes<br>
Subodh Iyengar<br>
Nick Sullivan<br>
Eric Rescorla<br>
Filename : draft-ietf-tls-subcerts-08.txt<br>
Pages : 17<br>
Date : 2020-04-24<br>
<br>
Abstract:<br>
The organizational separation between the operator of a TLS endpoint<br>
and the certification authority can create limitations. For example,<br>
the lifetime of certificates, how they may be used, and the<br>
algorithms they support are ultimately determined by the<br>
certification authority. This document describes a mechanism by<br>
which operators may delegate their own credentials for use in TLS,<br>
without breaking compatibility with peers that do not support this<br>
specification.<br>
<br>
<br>
The IETF datatracker status page for this draft is:<br>
<a href="https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/" rel="noreferrer" target="_blank">https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/</a><br>
<br>
There are also htmlized versions available at:<br>
<a href="https://tools.ietf.org/html/draft-ietf-tls-subcerts-08" rel="noreferrer" target="_blank">https://tools.ietf.org/html/draft-ietf-tls-subcerts-08</a><br>
<a href="https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts-08" rel="noreferrer" target="_blank">https://datatracker.ietf.org/doc/html/draft-ietf-tls-subcerts-08</a><br>
<br>
A diff from the previous version is available at:<br>
<a href="https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-subcerts-08" rel="noreferrer" target="_blank">https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-subcerts-08</a><br>
<br>
<br>
Please note that it may take a couple of minutes from the time of submission<br>
until the htmlized version and diff are available at <a href="http://tools.ietf.org" rel="noreferrer" target="_blank">tools.ietf.org</a>.<br>
<br>
Internet-Drafts are also available by anonymous FTP at:<br>
<a href="ftp://ftp.ietf.org/internet-drafts/" rel="noreferrer" target="_blank">ftp://ftp.ietf.org/internet-drafts/</a><br>
<br>
<br>
_______________________________________________<br>
TLS mailing list<br>
<a href="mailto:TLS@ietf.org" target="_blank">TLS@ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/tls" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/listinfo/tls</a><br>
</div></div>