There is some interesting work going on in the TLS WG, which should allow a client to specify that the certificates requested for example contained a Subject Alternative Name or an Issuer Alternative Name in the form of a dereferenceable URI . We'd just need to specify an OID for an extension, which in our case could just be set as a flag I suppose (I don't have much expereince with extensions and OIDs) https://github.com/tlswg/tls13-spec/pull/209 This would allow us then to close http://www.w3.org/2005/Incubator/webid/track/issues/62 Simultaneously on the HTTP WG there is an interesting discussion of what if any problems HTTP/2.0 poses for TLS authentication I am a bit surprised, but it may look like there really is not a real problem: https://lists.w3.org/Archives/Public/ietf-http-wg/2015JulSep/0377.html Henry Social Web Architect http://bblfish.net/Received on Monday, 21 September 2015 14:41:14 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:59 UTC