Technical Summary
The organizational separation between operators of TLS and DTLS
endpoints and the certification authority can create limitations.
For example, the lifetime of certificates, how they may be used, and
the algorithms they support are ultimately determined by the
certification authority. This document describes a mechanism to
overcome some of these limitations by enabling operators to delegate
their own credentials for use in TLS and DTLS without breaking
compatibility with peers that do not support this specification.
Working Group Summary
There is good consensus for this document within the working group. There was
some delay in getting issues addressed from the previous WGLC and a delay in
publishing a revised draft with the required changes. There is interest in the
working group to see this document move forward.
Document Quality
Several vendors have indicated they will support the draft and more than one
implementation exists. There are test vectors available for the draft, but the
authors and chairs decided to wait until they are verified before including
them in the draft.
Personnel
Joe Salowey is the document Shepherd.
Paul Wouters is the Responsible Area Director.
The IANA Expert(s) for the registries in this document are Yoav Nir, Rich Salz, and Nick Sullivan.