Limited Use of Remote Keys, Protocol and Reference.
Expired & archived
|Last updated||2016-10-06 (Latest revision 2016-04-04)|
|Intended RFC status||(None)|
|Stream||Stream state||(No stream defined)|
|RFC Editor Note||(None)|
|Send notices to||(None)|
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
The Limited Use of Remote Keys (LURK) BOF has been scheduled with the objective of discussing approaches to mitigating security risks to TLS private keys. In particular in situations where a Content Delivery Network (CDN) is used to deliver content and thus the party that is being authenticated is not the party that the user is attempting to authenticate. Three classes of solution are considered, short term credentials, a remote service offering to perform private key operations and a remote service that is further constrained through the use of some form of threshold approach. A JSON/HTTP protocol implementing the second and third protocol is demonstrated and documented.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)