Re: [Uta] RFC 9525 on Service Identity in TLS

Peter Saint-Andre <stpeter@stpeter.im> Wed, 08 November 2023 15:59 UTC

Message-ID: <624109b1-409b-4678-8498-8b7c8eee82d0@stpeter.im>
Date: Wed, 08 Nov 2023 08:59:13 -0700
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: uta@ietf.org
References: <20231108124518.E9BD2119CD@rfcpa.amsl.com>
From: Peter Saint-Andre <stpeter@stpeter.im>
In-Reply-To: <20231108124518.E9BD2119CD@rfcpa.amsl.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/d9TzhHuwQJlq9kKHeYgQ0Z1j4Wc>

Thanks to everyone who provided feedback on this document.

This will be my final RFC. [1] It was a pleasure working with you all.

Peter

[1] https://stpeter.im/journal/1829.html

On 11/8/23 5:45 AM, rfc-editor@rfc-editor.org wrote:
> A new Request for Comments is now available in online RFC libraries.
> 
>          
>          RFC 9525
> 
>          Title:      Service Identity in TLS
>          Author:     P. Saint-Andre,
>                      R. Salz
>          Status:     Standards Track
>          Stream:     IETF
>          Date:       November 2023
>          Mailbox:    stpeter@stpeter.im,
>                      rsalz@akamai.com
>          Pages:      25
>          Obsoletes:  RFC 6125
> 
>          I-D Tag:    draft-ietf-uta-rfc6125bis-15.txt
> 
>          URL:        https://www.rfc-editor.org/info/rfc9525
> 
>          DOI:        10.17487/RFC9525
> 
> Many application technologies enable secure communication between two
> entities by means of Transport Layer Security (TLS) with Internet
> Public Key Infrastructure using X.509 (PKIX) certificates. This
> document specifies procedures for representing and verifying the
> identity of application services in such interactions.
> 
> This document obsoletes RFC 6125.
> 
> This document is a product of the Using TLS in Applications Working Group of the IETF.
> 
> This is now a Proposed Standard.
> 
> STANDARDS TRACK: This document specifies an Internet Standards Track
> protocol for the Internet community, and requests discussion and suggestions
> for improvements.  Please refer to the current edition of the Official
> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
> standardization state and status of this protocol.  Distribution of this
> memo is unlimited.
> 
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>    https://www.ietf.org/mailman/listinfo/ietf-announce
>    https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
> 
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
> 
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
> 
> 
> The RFC Editor Team
> Association Management Solutions, LLC