Limited Use of Remote Keys, Protocol and Reference.
draft-hallambaker-lurk-02

Document Type Expired Internet-Draft (individual)
Last updated 2016-10-06 (latest revision 2016-04-04)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-hallambaker-lurk-02.txt

Abstract

The Limited Use of Remote Keys (LURK) BOF has been scheduled with the objective of discussing approaches to mitigating security risks to TLS private keys. In particular in situations where a Content Delivery Network (CDN) is used to deliver content and thus the party that is being authenticated is not the party that the user is attempting to authenticate. Three classes of solution are considered, short term credentials, a remote service offering to perform private key operations and a remote service that is further constrained through the use of some form of threshold approach. A JSON/HTTP protocol implementing the second and third protocol is demonstrated and documented.

Authors

Phillip Hallam-Baker (philliph@comodo.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)