Skip to main content

Deploying Publicly Trusted TLS Servers on IoT Devices Using SNI-based End-to-End TLS Forwarding (SNIF)
draft-zubov-snif-04

Document Type Expired Internet-Draft (individual)
Author Jim Zubov
Last updated 2022-08-20 (Latest revision 2022-02-16)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
Additional resources Additional Web Page
GitHub Repository
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

This document proposes a solution, referred as SNIF, that provides the means for any Internet connected device to: * allocate a globally unique anonymous hostname; * obtain and maintain a publicly trusted X.509 certificate issued for the allocated hostname; * accept incoming TLS connections on specific TCP ports of the allocated hostname from any TLS clients that are capable of sending Server Name Indication. The private key associated with the X.509 certificate is securely stored on the TLS terminating device, and is never exposed to any other party at any step of the process. About This Document This note is to be removed before publishing as an RFC. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-zubov-snif. Information can be found at https://snif.host. Source for this draft and an issue tracker can be found at https://github.com/vesvault/snif-i-d.

Authors

Jim Zubov

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)