I have been trying to enabled MTLS (that's what it's traditionally been called) for at least 25 years. It's harder than it looks primarily because the user won't tolerate it  Perhaps with an AI user agent it will work. That's where I am putting my effort today.

thx ..Tom (mobile)

On Fri, Dec 6, 2024, 10:51 AM Salvatore D'Agostino <sal@idmachines.com> wrote:

Yes, interesting, passing along. Thanks Dan.

 

Building on TLS 1.3 for client/server makes a lot of sense.

 

Here is the technical article referenced in the blog post.

 

1063.pdf

 

The record layer effectively uses a receipt.

 

From: Daniel Schleifer <dan@idmachines.com>
Sent: Friday, December 6, 2024 1:00 PM
To: Salvatore D'Agostino <sal@idmachines.com>
Subject: Certificate usage

 

 

Hi Sal,

I saw this article and thought it was interesting.

https://brave.com/blog/distefano/ 

 

 

_______________________________________________
A Community Group mailing list of KantaraInitiative.org
Wg-pemc mailing list -- wg-pemc@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.org
List archives --  https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiative.org/
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc