Re: [TLS] draft-rescorla-tls-subcerts

Ilari Liusvaara <ilariliusvaara@welho.com> Fri, 08 July 2016 10:09 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/XfBdYaJ6zg5RBAX3Qeq75jESMnc>

On Thu, Jul 07, 2016 at 08:08:11PM -0400, Kyle Rose wrote:
> On Thu, Jul 7, 2016 at 6:13 PM, Ilari Liusvaara <ilariliusvaara@welho.com>
> wrote:
> 
> >
> > I also checked if one could do some funky stuff with credential lifetime
> > notation to limit the lifetime. Nothing came up (apart from using 16-bit
> > count in decaseconds (das) only allowing presenting lifetimes up to 7
> > days, 14 hours, 2 minutes and 30 seconds). :->
> >
> 
> What would it be anchored to if it's not an absolute time? 

There is validity start time in there, the relative end time would
be relative to that.

That is, instead of saying "this is valid from t1 to t2", saying "this
is valid from t to t+dt".

No real preference either way, it was just an experiment to play with
time notations.


-Ilari
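
Added example, not part of the original message and not code from the draft: a sketch of the "valid from t to t+dt" notation with dt as a 16-bit count of decaseconds, showing that the field width alone caps the lifetime at 7 days, 14 hours, 2 minutes and 30 seconds. The wire layout (uint64 start time plus uint16 lifetime), the function names, the round-down rule and the half-open validity window are all assumptions made for illustration.

```python
import struct

DAS = 10                        # one decasecond = 10 seconds
MAX_LIFETIME_S = 0xFFFF * DAS   # 655350 s: the most a uint16 count of das can express

# Assumed layout (hypothetical, not taken from the draft):
# uint64 validity start in Unix seconds, then uint16 lifetime in decaseconds.
_FMT = "!QH"


def encode_validity(start, lifetime_s):
    """Encode "valid from t to t+dt" with dt stored in decaseconds."""
    if lifetime_s > MAX_LIFETIME_S:
        raise ValueError("lifetime does not fit in 16-bit decaseconds")
    # Round down so the encoded credential never outlives the requested lifetime.
    das = lifetime_s // DAS
    if das <= 0:
        raise ValueError("lifetime shorter than one decasecond")
    return struct.pack(_FMT, start, das)


def decode_validity(blob):
    """Return (not_before, not_after) as absolute Unix seconds."""
    if len(blob) != struct.calcsize(_FMT):
        raise ValueError("unexpected encoding length")
    start, das = struct.unpack(_FMT, blob)
    return start, start + das * DAS


def is_valid(blob, now):
    """Half-open window [t, t+dt): an assumption, the message does not specify."""
    not_before, not_after = decode_validity(blob)
    return not_before <= now < not_after


def split_lifetime(seconds):
    """Break a duration into (days, hours, minutes, seconds)."""
    days, rem = divmod(seconds, 86400)
    hours, rem = divmod(rem, 3600)
    minutes, secs = divmod(rem, 60)
    return days, hours, minutes, secs


if __name__ == "__main__":
    t0 = 1467936000             # constructed sample start time
    blob = encode_validity(t0, 86405)
    print(decode_validity(blob), split_lifetime(MAX_LIFETIME_S))
```
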