Re: [TLS] I-D on TLS authentication with VC

hannes.tschofenig@gmx.net Thu, 04 April 2024 10:29 UTC

From: hannes.tschofenig@gmx.net
To: 'Andrea Vesco' <andrea.vesco@linksfoundation.com>, tls@ietf.org
Date: Thu, 04 Apr 2024 12:29:19 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/auruuRdaeTPdVoUCDVyERfh-R6o>

Hi Andrea,

Thanks for sharing the info.

Could you say a bit more about your IoT use case?

Ciao
Hannes

-----Original Message-----
From: TLS <tls-bounces@ietf.org> On Behalf Of Andrea Vesco
Sent: Thursday, 4 April 2024 10:53
To: tls@ietf.org
Subject: [TLS] I-D on TLS authentication with VC

L. Perugini and I have written an I-D on the use of Verifiable Credentials [1][2] as an additional authentication mode in TLS.  We presented the I-D to the ALLDISPATCH WG during IETF119 and the outcome was to explore the potential interest of the TLS WG. The I-D proposes to add (i) a new Certificate Type called VC in addition to X509 and RawPublicKey to the existing client_certificate_type and server_certificate_type extensions and (ii) a new extension called did_methods to carry the list of DID Methods supported by the endpoint to resolve the peer's DID during the validation of the Verifiable Credential. The I-D focuses on the IoT use case.

We are aware of the current discussion in the working group about new code points and would like to know your opinion in the case of this I-D and to explore the possible interest. Thank you in advance for your feedback.

I-D: https://datatracker.ietf.org/doc/draft-vesco-vcauthtls/ 
Code:
 - Provider https://github.com/Cybersecurity-LINKS/openssl-ssi-provider
 - OpenSSL https://github.com/Cybersecurity-LINKS/openssl

[1] https://www.w3.org/TR/vc-data-model-2.0/
[2] https://www.w3.org/TR/did-core/ 
