[TLS] Draft TLS Extension for Path Validation
Ashley Kopman <akopman@conceptsbeyond.com> Wed, 25 May 2022 16:40 UTC
Return-Path: <akopman@conceptsbeyond.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA960C19D46E for <tls@ietfa.amsl.com>; Wed, 25 May 2022 09:40:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=conceptsbeyond-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 23CcvQR-9qp7 for <tls@ietfa.amsl.com>; Wed, 25 May 2022 09:40:24 -0700 (PDT)
Received: from mail-qv1-xf33.google.com (mail-qv1-xf33.google.com [IPv6:2607:f8b0:4864:20::f33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 324ADC185148 for <tls@ietf.org>; Wed, 25 May 2022 09:40:23 -0700 (PDT)
Received: by mail-qv1-xf33.google.com with SMTP id f11so1449517qvs.9 for <tls@ietf.org>; Wed, 25 May 2022 09:40:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=conceptsbeyond-com.20210112.gappssmtp.com; s=20210112; h=from:mime-version:subject:message-id:date:to; bh=D4q+iotAAOW93TyjM9vzhkPYs4516PEMvfg/yb5wfKE=; b=G/yNCkXh74qtBlynH4U0bMIAMu5XuvQ0jMtxN30jpQpSI7Cd/Ivyi31wjZMsY7o+BI 0SdUPUZT9WGaVdAbgc8wpvYeg8nCnAXFT7/XPr24nm6b7ii+u0X608F6MtF1D1wleEDG JdqTGtXrTTNdDToYZNCE28j1JSC7cDgNelTZxVb2gUvItEiG7J0pfedaSuUWlLHMKpg0 0amErVQZn16EVverKHWfN3lk9xWG8+5qlue3PgtmkhQltU/7DRfWjXLo7TGuVWNPaIvD LQCFRw873MrGlNWW1Tb7elPE2jpvOo6gG7KRxOqOUoGJSfkHW7mKRkmTtNuTnoKh296o ztYg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=D4q+iotAAOW93TyjM9vzhkPYs4516PEMvfg/yb5wfKE=; b=EzILy62Nka9DUiUQOB23mbG0RI/6gzsMZUIlzvMImrl4Xsnfcg9L2EOQQ+2SSM7Gff RaMdiV86T5EwD+nsqI7zltoxd94et3NhVNW9FF/0p2UdCNw70RE7NsWynTn4PCmHg9Kv utE0wRi/dt+DqYtUC4iI/7cYrjrCI0kH282bxR77ngwrVN30Flz2ZK3Iujvu25jUaFOa SoHPfmEHsPj8yf3HasxG4JlS7JQGc7d1a8qdihnm0L12EcSrjSh0ob02shbqZpngn6Ty FsxXy7LSd0STAUZpbRtPO54ddr1Seuu+ycHQH5AKfrom1ka+3wYZN2uQt1JBOr1enVPB y9Zw==
X-Gm-Message-State: AOAM53085w1tRZavzj6LW9Wp2SQFuQbdKhqCXmbAOT8QoN8U9QBqvgYr RqdTfcGXAMZM+3j+HzF7Ocj6usNlJVxnW5NtwJa1OL3VY8A/67MiUEVDuVDQPYa2eeTT4zqTCmP ic17KbtYt1vCm1JU5TRUVIoNtpKXkvF9HcE/5gD/Ye0CPXy37e5tsFWMUInBeleCz
X-Google-Smtp-Source: ABdhPJx+HEtl6qbJOIAUEFgvybS0IEzkAokkMEJSBZmjfGcvbnKgMKdQ8M8OiyoY3/YqH8vesu1PYg==
X-Received: by 2002:a05:6214:1c83:b0:443:6801:6d06 with SMTP id ib3-20020a0562141c8300b0044368016d06mr26756657qvb.40.1653496822392; Wed, 25 May 2022 09:40:22 -0700 (PDT)
Received: from smtpclient.apple ([2600:1006:b124:19c5:79ca:c540:a19e:1d6e]) by smtp.gmail.com with ESMTPSA id f21-20020a05620a281500b0069fc13ce224sm1487459qkp.85.2022.05.25.09.40.21 for <tls@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 May 2022 09:40:21 -0700 (PDT)
From: Ashley Kopman <akopman@conceptsbeyond.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_78BAF987-33D1-4264-850C-C44B87BE0609"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Message-Id: <2790C640-0841-43BC-94CA-0890ECEA672A@conceptsbeyond.com>
Date: Wed, 25 May 2022 12:40:13 -0400
To: tls@ietf.org
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3oyWElva13Qcc9XXwRkYoWOOnzo>
Subject: [TLS] Draft TLS Extension for Path Validation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 16:59:30 -0000
Hi TLS, I have just submitted a draft TLS Extension for Path Validation https://www.ietf.org/archive/id/draft-segers-tls-cert-validation-ext-00.txt <https://www.ietf.org/archive/id/draft-segers-tls-cert-validation-ext-00.txt> The proposal is for a Path Validation Extension to provide a new protocol for TLS/DTLS allowing inclusion of certificate path validation information in the TLS/DTLS handshake. Specifically, it covers the use of Server-based Certificate Validation Protocol (SCVP) for path validation. We are also finalizing a use case for civil aviation air-to-ground communications which should be submitted in the next day. Please have a look at the draft and provide feedback. Thank you, Ashley Kopman
- [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Ilari Liusvaara
- Re: [TLS] Draft TLS Extension for Path Validation Peter Gutmann
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Salz, Rich
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Eric Rescorla
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Ira McDonald
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman