Re: [TLS] OID for delegated credentials

Sean Turner <sean@sn3rd.com> Thu, 09 August 2018 12:37 UTC

Ah okay you didn’t put that OID in the draft (excellent)!

The other option is to get it from the PKIX id-pe arc (https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#smi-numbers-1.3.6.1.5.5.7.1)*. Whatever you do, don’t use 30 or 31 ;). To get an early assignment, we basically just need to figure out whether you think this is stable enough to go through the early assignment process.

spt

* Russ Housley is the designated expert for the arc.

> On Aug 9, 2018, at 01:07, Subodh Iyengar <subodh@fb.com> wrote:
> 
> We've been kicking this can down the road for a while, but we probably should choose an OID for Delegated credentials.
> 
> So far we've been doing interop with Cloudflare's OID of 1.3.6.1.4.1.44363.44. I'd be fine with putting that as the final OID in the draft. Does anyone have any thoughts on whether we should / should not do this and use a different OID instead?
> 
> Cheers,
> Subodh