Limited Use of Remote Keys, Protocol and Reference.
|Document||Type||Expired Internet-Draft (individual)|
|Last updated||2016-10-06 (latest revision 2016-04-04)|
|Intended RFC status||(None)|
Expired & archivedpdf htmlized (tools) htmlized bibtex
|Stream||Stream state||(No stream defined)|
|RFC Editor Note||(None)|
|Send notices to||(None)|
The Limited Use of Remote Keys (LURK) BOF has been scheduled with the objective of discussing approaches to mitigating security risks to TLS private keys. In particular in situations where a Content Delivery Network (CDN) is used to deliver content and thus the party that is being authenticated is not the party that the user is attempting to authenticate. Three classes of solution are considered, short term credentials, a remote service offering to perform private key operations and a remote service that is further constrained through the use of some form of threshold approach. A JSON/HTTP protocol implementing the second and third protocol is demonstrated and documented.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)