[TLS] code point assignments for draft-ietf-tls-subcerts

Sean Turner <sean@sn3rd.com> Wed, 22 January 2020 17:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AmQX9EF5n2z5_uL6bGWoXCeZLJA>


The chairs want to determine whether we should ask for the assignments requested in draft-ietf-tls-subcerts [0][1].  We believe the draft is stable enough and that there is interest from multiple implementers.  Please let the WG know by 2359 UTC 05 February 2020 whether you disagree with these code point allocations and why.

What follows are the two requests of IANA; one for the TLS DEs and one for the PKIX DE:

1. TLS ExtensionType Registry Request

This document registers the "delegated_credentials" extension in the
"TLS ExtensionType Values" registry.  The "delegated_credentials"
extension has been assigned a code point of TBD.  The IANA registry
lists this extension as "Recommended" (i.e., "Y") and indicates that
it may appear in the ClientHello (CH), CertificateRequest (CR), or
Certificate (CT) messages in TLS 1.3 [RFC8446].

2. SMI Security for PKIX Registry Request

This document also defines an ASN.1 module for the DelegationUsage
certificate extension in Appendix A.  IANA is requested to register
an Object Identifier (OID) for the ASN.1 in "SMI Security for PKIX
Module Identifier" arc.  An OID for the DelegationUsage certificate
extension is not needed as it is already assigned to the extension
from Cloudflare's IANA Private Enterprise Number (PEN) arc.


Joe, Chris, and Sean

[0] https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/
[1] https://github.com/tlswg/tls-subcerts