Re: [TLS] Implementation survey: Client Certificate URL extension

To: <Pasi.Eronen at nokia.com>
Subject: Re: [TLS] Implementation survey: Client Certificate URL extension
From: Rob Dugal <RDugal at certicom.com>
Date: Tue, 18 Mar 2008 09:09:16 -0400
Cc: tls at ietf.org
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <1696498986EFEC4D9153717DA325CB7223A82C at vaebe104.NOE.Nokia.com>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces at ietf.org

Certicom's Security Builder SSL-C toolkit supports the client_certificate_url extension. Use of the hash is optional but recommended.
The toolkit is a C language SDK for creating client or server applications,with support for SSLv2, SSLv3, TLS v1.0, TLS v1.1, DTLS v1.0.

-----------------------------------------------
Robert Dugal
Member of Development Group
Certicom Corp.
EMAIL: rdugal at certicom.com
PHONE: (905) 501-3848
FAX : (905) 507-4230
WEBSITE: www.certicom.com

tls-bounces at ietf.org wrote on 03/18/2008 07:39:49 AM: > Hi, > > We currently have two open technical issues for 4366bis, > both related to the Client Certificate URL extension (#45 > about making the hash mandatory; and #46 on how to do > algorithm agility). > > The proposal in IETF71 was to make including the hash a MUST > (regardless of TLS version number), and handle algorithm agility > with a new extension number later (if it turns out something > actually needs to be done). > > However, making the hash mandatory has some potential for interop > problems (if there are old implementations which don't send it). > > If you have implemented, or have heard of someone implementing, > the client_certificate_url extension, please send email. > Additional details (is this a client, server, or both; do you > send the hash, etc.) are welcome but not required. > > Best regards, > Pasi > _______________________________________________ > TLS mailing list > TLS at ietf.org > https://www.ietf.org/mailman/listinfo/tls

_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

References:
- [TLS] Implementation survey: Client Certificate URL extension
  - From: Pasi.Eronen

Prev by Date: [TLS] Implementation survey: Client Certificate URL extension
Next by Date: Re: [TLS] Implementation survey: Client Certificate URL extension
Previous by thread: [TLS] Implementation survey: Client Certificate URL extension
Next by thread: Re: [TLS] Implementation survey: Client Certificate URL extension
Index(es):
- Date
- Thread

Re: [TLS] Implementation survey: Client Certificate URL extension

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.