W3C home > Mailing lists > Public > public-webid@w3.org > March 2016

TLS1.3 certificate selection by the server

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 16 Mar 2016 12:53:08 +0100
Message-Id: <98A9CB6D-4358-4F06-B953-2FA825EB28B9@bblfish.net>
To: WebID <public-webid@w3.org>
Regarding 

ISSUE-59: Filtering & Versioning WebID Certificates
https://www.w3.org/2005/Incubator/webid/track/issues/59

ISSUE-62: null certificate_authorities list
https://www.w3.org/2005/Incubator/webid/track/issues/62

TLS 1.3 seems to have new functionality which may help. See
"certificate_extensions" section in 

http://tlswg.github.io/tls13-spec/#certificate-request 

I am not sure from reading this wether this allows for existential quantification:
ie give me a certificate that has a subject alternative name, without specifying exactly
which one.

Henry
Received on Wednesday, 16 March 2016 11:53:11 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 16 March 2016 11:53:11 UTC