A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : TLS Server Identity Pinning with Tickets
Author : Yaron Sheffer
Filename : draft-sheffer-tls-pinning-ticket-01.txt
Pages : 16
Date : 2016-02-06
Abstract:
Fake public-key certificates are an ongoing problem for users of TLS.
Several solutions have been proposed, but none is currently in wide
use. This document proposes to extend TLS with opaque tickets,
similar to those being used for TLS session resumption, as a way to
pin the server's identity. That is, to ensure the client that it is
connecting to the right server even in the presence of corrupt
certificate authorities and fake certificates. The main advantage of
this solution is that no manual management actions are required.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-sheffer-tls-pinning-ticket/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-01
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-sheffer-tls-pinning-ticket-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
