Technical Summary
This document specifies the use of the KeyNote trust-management
system as an authorization extension in the Transport Layer
Security (TLS) Handshake Protocol, according to [AUTHZ].
Extensions carried in the client and server hello messages
confirm that both parties support the desired authorization
data types. Then, if supported by both the client and the
server, KeyNote credentials are exchanged during the
supplemental data handshake message.
Working Group Summary
This document is an independent submission.
Document Quality
While there are no existing implementations of the protocol,
implementation should be straightforward with appropriate TLS
toolkits. Future versions of the KeyNote distribution are
expected to include any necessary functionality to encode
and decode the required data structures.
Personnel
Tim Polk reviewed this document for the IESG.
RFC Editor Note
Proposed response to the RFC Editor
1. The IESG has concluded that there is no conflict between this
document and IETF work.