Re: [TLS] Maximum lifetime for Delegated Credentials

"Martin Thomson" <mt@lowentropy.net> Thu, 21 November 2019 05:35 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F220120971 for <tls@ietfa.amsl.com>; Wed, 20 Nov 2019 21:35:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=qXbgWDyr; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=OAvjV9vJ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RC2PTOkJ9DGi for <tls@ietfa.amsl.com>; Wed, 20 Nov 2019 21:35:05 -0800 (PST)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8CF9120044 for <tls@ietf.org>; Wed, 20 Nov 2019 21:35:04 -0800 (PST)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id EDADB2243D for <tls@ietf.org>; Thu, 21 Nov 2019 00:35:03 -0500 (EST)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Thu, 21 Nov 2019 00:35:03 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm3; bh=cFST63UDqFkF7wbH8ECVUelC8t1vHjn 1MW770ipM1D8=; b=qXbgWDyr7SLCXmr/MWyczv/y72n4pudr2MKkJu2ixYHugXp ll3EaVdNRh5UGgyqDMToaA6zHw0RqxDxaMqF7c0+9I/GoHeFJpSMavBJnfnQKxL4 hnnVBfDu/ueIPYIvJjH1ZziXMXCx3xArwK5sfHTxrD0kSfESmOdRINKlIwMqq8j2 jyW5SqkkojQI88e/gffsswfA/Py1ZyeLSp8ujzK5/ahXzlVh4oStgFUwbFZSAnMi smABcukyNaUbfMEBfa8K/2qanwL/Qzcpdgs34EXpP7TRp7YrhUF6WBUKM2k1QgaZ RcgczqefFgPkrqN4lMI6rv1tzVVcLc21BEJhVFA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=cFST63 UDqFkF7wbH8ECVUelC8t1vHjn1MW770ipM1D8=; b=OAvjV9vJOOx0W/QX/prjgZ Gi2JkT2d54czULHfkq4gY7T+5Sx9X0LuTdUl18bwiMMXSduPqmjjATB6HzFxgDmb IA6Fzb+zWI4Pm1O3D6IpQcIxQD7iz+Ig+KJTL0RpXwLrN/h3kCc4jfsKKwW9zHiN un5oeRHo/9hDBvd6IJHQ7e3cbkMaz8j+gx4Qrx4xb92EmxonOr9oKLUHlotBbeLD gW7VMH3sPxQcOHPx3mYzZaaRf6Pkx3ghk4xaTS3vp0oN+EzDeaZoLvwWNTw8vSh9 4ddvca/3K8TlAR3wR+kxytKxDrJ2n3fPRDkPvX/uHX5V+R/qtyxSUWp2EoZardAA ==
X-ME-Sender: <xms:ByLWXR1rB9nGvbWOJ26-qe3vTTD-JwnFSmeuSC0C0eoQNcpg6gvVIQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrudehuddgkeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucffohhmrghinhepghhithhhuhgsrdgtohhmnecurf grrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvghtnecuvehl uhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:ByLWXUaWy7jb0bqA1n7P-9DzqBQHwM6pzLOvOTF_2_ecvODgmgXOXg> <xmx:ByLWXUrpOOM_niAv0QQ-PwGd0jYpX4CX9aovJ9D0rIScQ7Wva8Bsag> <xmx:ByLWXQpwn_X_YUDcPYlNTDd4i2tlK79oNdZzsH5j8T215WQjhDxoHA> <xmx:ByLWXUg1Y9OaDtyZmTPSFn3F9TvCCktWovg-zDneWqRla6dhksBrZw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 9BB2FE00B1; Thu, 21 Nov 2019 00:35:03 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-578-g826f590-fmstable-20191119v1
Mime-Version: 1.0
Message-Id: <241d389b-3f64-4b8f-8cb3-0f07e20252b3@www.fastmail.com>
In-Reply-To: <CAFDDyk9CuvqSK68dABZi0asuRZVYyZvfyM1te2-GFNWF-WwB8w@mail.gmail.com>
References: <CAFDDyk9CuvqSK68dABZi0asuRZVYyZvfyM1te2-GFNWF-WwB8w@mail.gmail.com>
Date: Thu, 21 Nov 2019 13:34:40 +0800
From: "Martin Thomson" <mt@lowentropy.net>
To: tls@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/pl4IbE_5ICgFSg6K2-g41Zdb4SM>
Subject: Re: [TLS] Maximum lifetime for Delegated Credentials
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Nov 2019 05:35:06 -0000

On Thu, Nov 21, 2019, at 11:17, Nick Sullivan wrote:
> https://github.com/tlswg/tls-subcerts/pull/45

Thanks for putting this together Nick.  This PR cleanly captures the resolution of the discussion.