[New-wg-docs] I-D Action: draft-ietf-uta-use-san-00.txt

internet-drafts@ietf.org Thu, 01 April 2021 18:00 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: new-wg-docs@ietf.org
Delivered-To: new-wg-docs@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0442D3A1D7C for <new-wg-docs@ietf.org>; Thu, 1 Apr 2021 11:00:53 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <new-wg-docs@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.27.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <161730005298.2008.6558955297381657817@ietfa.amsl.com>
Date: Thu, 01 Apr 2021 11:00:53 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-wg-docs/gMPEedBJ1AhFVRIE-Amw3D9Sils>
Subject: [New-wg-docs] I-D Action: draft-ietf-uta-use-san-00.txt
X-BeenThere: new-wg-docs@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <new-wg-docs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/new-wg-docs/>
List-Post: <mailto:new-wg-docs@ietf.org>
List-Help: <mailto:new-wg-docs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 18:00:53 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Using TLS in Applications WG of the IETF.

        Title           : Update to Verifying TLS Server Identities with X.509 Certificates
        Author          : Rich Salz
	Filename        : draft-ietf-uta-use-san-00.txt
	Pages           : 5
	Date            : 2021-04-01

   In the decade since [RFC6125] was published, the
   subjectAlternativeName extension (SAN), as defined in [RFC5280] has
   become ubiquitous.  This document updates [RFC6125] to specify that
   the fall-back techniques of using the commonName attribute to
   identify the service must not be used.  This document also places
   some limitations on the use of wildcards in SAN fields.

   The original context of [RFC6125] using X.509 certificates for server
   identity with Transport Layer Security (TLS), is not changed.

The IETF datatracker status page for this draft is:

There is also an HTML version available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: