Russ Housley wrote:
2) If this was published in a more academic environment, it would be
proper (and required) to cite related work, tracing the source of
ideas that were not entirely new. We don't usually have extensive
citations in RFCs, but in this context, perhaps it would be
appropriate to mention the previous proposal for sending ACs in TLS
(draft-ietf-tls-attr-cert from 1998) in the Acknowledgements section.
This takes a very different approach. Stephen and I co-authored RFC
3281, which is referenced. I do not think that Stephen's ideas about
integrating Attribute Certificates into TLS had any impact on the
design in the current document.
Well, while draft-ietf-tls-attr-cert certainly contains a lot of
stuff that isn't in draft-housley-tls-authz-extns (such as AC
acquisition, hints about what ACs the client should consider
presenting, etc.), there's some overlap as well.
For example, a very basic case where the client presents an AC
containing a role or security clearance to the server, and the
server uses this to determine what the client is authorized to
access, is explicitly mentioned in both documents, and would work
almost identically.
Best regards,
Pasi
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf