[TLS] I-D on TLS authentication with VC

Leonardo Perugini <leonardo.perugini@linksfoundation.com> Thu, 11 April 2024 07:51 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3O4hc9TYwzlnoahTAjxWCyYjdqw>

>> How do you plan to deal with the large number of DID methods?
>> Standardization of many of the DID methods has not been finished and
>> they appear to have vastly different security properties, even for the
>> most basic DID methods like did:web and did:key. It sounds difficult to
>> accomplish interoperability in such a flexible system.

Hi Hannes, thanks for raising this point.

The did_methods extension proposed in the I-D is intended to carry the list of supported DID Methods that a TLS endpoint supports to resolve the peer's DID. In our opinion, the DLT-based DID Methods that conform to the DID core [1], and store a DID Document that expresses at least one verification method of type authentication, are candidates for use in the IoT use case. DID Methods that meet this set of minimum requirements (to be agreed upon and reviewed) should be entered into a registry and assigned to a range of values for "Experimental Use" in an early stage to encourage interoperability experiments.

[1] https://www.w3.org/TR/did-core/

Best regards,
Leonardo Perugini
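
Added example, not part of the original message or the I-D: a sketch of the two checks the reply describes, namely intersecting the DID methods two endpoints support and confirming that a resolved DID Document expresses at least one verification method under the DID Core `authentication` relationship. The function names, the `did:example` documents and the plain-string method lists are assumptions; the wire encoding of the `did_methods` extension and the DLT-based requirement are not modelled.

```python
# Constructed sample documents; the did:example identifiers are illustrative only.
DOC_OK = {
    "id": "did:example:123",
    "verificationMethod": [{"id": "did:example:123#key-1",
                            "type": "JsonWebKey2020",
                            "controller": "did:example:123"}],
    "authentication": ["#key-1"],            # relative reference to key-1
}
DOC_NO_AUTH = {
    "id": "did:example:456",
    "verificationMethod": [{"id": "did:example:456#key-1",
                            "type": "JsonWebKey2020",
                            "controller": "did:example:456"}],
    "assertionMethod": ["did:example:456#key-1"],   # no authentication entry
}

def did_method(did):
    """Return the method name of a DID such as 'did:example:123'."""
    parts = did.split(":")
    if len(parts) < 3 or parts[0] != "did" or not parts[1] or not parts[2]:
        raise ValueError(f"not a DID: {did!r}")
    return parts[1]

def common_methods(local, peer):
    """Methods both endpoints can resolve, kept in local preference order."""
    offered = set(peer)
    return [m for m in local if m in offered]

def authentication_methods(doc):
    """Resolve the 'authentication' relationship to verification method objects.

    Entries are embedded methods (dicts) or references (strings) to entries
    under 'verificationMethod'; '#frag' references are relative to the DID.
    """
    def absolute(ref):
        return doc["id"] + ref if ref.startswith("#") else ref
    declared = {absolute(vm["id"]): vm for vm in doc.get("verificationMethod", [])}
    resolved = []
    for entry in doc.get("authentication", []):
        if isinstance(entry, dict):
            resolved.append(entry)
        elif absolute(entry) in declared:
            resolved.append(declared[absolute(entry)])
        # References pointing outside this document are not dereferenced here.
    return resolved

def peer_is_candidate(doc, supported):
    """True if the DID's method is supported and the document can authenticate."""
    return did_method(doc["id"]) in supported and bool(authentication_methods(doc))
```
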