[TLS] Encoding of delegated credential distribution

Paul Yang <kaishen.yy@alipay.com> Thu, 02 April 2020 06:12 UTC

Hi all,

When reading the latest draft of delegated credentials, I didn’t find any description about how to distribute a credential from the backend to the frontend. As described in the draft:

   Delegated credentials:

   Client            Front-End            Back-End
     |                   |<--DC distribution->|
     |----ClientHello--->|                    |
     |<---ServerHello----|                    |
     |<---Certificate----|                    |
     |<---CertVerify-----|                    |
     |        ...        |                    |

Do we need to define some sort of encoding scheme for the <DC distribution> part?

Regards,

Paul Yang
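As an added example (not code from this mail, nor from the draft it quotes), the part of the picture the draft does define: the DelegatedCredential structure the front-end must eventually put in its Certificate message, so whatever the back-end channel carries, it ends up as these bytes plus the matching private key. The struct layout, the SignatureScheme code points and the 7-day validity cap are taken from draft-ietf-tls-subcerts; the SPKI and signature bytes below are constructed placeholders.

```python
import struct

# DelegatedCredential wire format assumed from draft-ietf-tls-subcerts:
#   Credential = uint32 valid_time || SignatureScheme expected_cert_verify_algorithm
#                || opaque ASN1_subjectPublicKeyInfo<1..2^24-1>
#   DelegatedCredential = Credential || SignatureScheme algorithm || opaque signature<0..2^16-1>

MAX_VALID_TIME = 7 * 24 * 3600   # draft: credentials valid for longer than 7 days are rejected
ECDSA_SECP256R1_SHA256 = 0x0403  # TLS 1.3 SignatureScheme code points
ED25519 = 0x0807

def encode_dc(valid_time, expected_alg, spki_der, sig_alg, signature):
    """Serialise a DelegatedCredential; raise ValueError if any field is out of range."""
    if not (0 <= valid_time <= MAX_VALID_TIME and 1 <= len(spki_der) <= 0xFFFFFF and len(signature) <= 0xFFFF):
        raise ValueError("field out of range")
    cred = struct.pack("!IH", valid_time, expected_alg) + len(spki_der).to_bytes(3, "big") + spki_der
    return cred + struct.pack("!HH", sig_alg, len(signature)) + signature

def decode_dc(buf):
    """Parse a DelegatedCredential, rejecting truncated, trailing-data or over-long-validity input."""
    if len(buf) < 9:
        raise ValueError("truncated credential header")
    valid_time, expected_alg = struct.unpack("!IH", buf[:6])
    spki_len = int.from_bytes(buf[6:9], "big")
    pos = 9 + spki_len                      # offset of the SignatureScheme that signed the credential
    if spki_len == 0 or len(buf) < pos + 4:
        raise ValueError("truncated SubjectPublicKeyInfo or signature header")
    sig_alg, sig_len = struct.unpack("!HH", buf[pos:pos + 4])
    if pos + 4 + sig_len != len(buf) or valid_time > MAX_VALID_TIME:
        raise ValueError("signature length mismatch or validity over 7 days")
    return {"valid_time": valid_time, "expected_cert_verify_algorithm": expected_alg,
            "spki_der": buf[9:pos], "algorithm": sig_alg, "signature": buf[pos + 4:]}

def accepts(buf):
    """True if buf parses as a well-formed DelegatedCredential, False otherwise."""
    try:
        decode_dc(buf)
        return True
    except ValueError:
        return False

# Constructed placeholder bytes: a real DC carries a DER SubjectPublicKeyInfo and a
# signature made with the end-entity certificate's key over the cert and the Credential.
SAMPLE_SPKI = b"\x30\x2a" + b"\x00" * 42
SAMPLE_SIG = b"\x30\x44" + b"\x01" * 68
SAMPLE_DC = encode_dc(3600, ECDSA_SECP256R1_SHA256, SAMPLE_SPKI, ED25519, SAMPLE_SIG)
```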