[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jessie-discuss] TLS Delegation
From: |
Casey Marshall |
Subject: |
Re: [Jessie-discuss] TLS Delegation |
Date: |
Fri, 22 Jul 2005 21:26:25 -0700 |
On Jul 23, 2005, at 12:15 PM, andrew cooke (noao) wrote:
Hi,
Does jessie have support for "TLS Delegation" as described in
draft-ietf-tls-delegation-01.txt (eg
http://www.ietf.org/proceedings/02mar/I-D/draft-ietf-tls-
delegation-01.txt)
I'm afraid not; this is actually the first I've heard of that or seen
the Internet-Draft.
This allows the creatoin of a proxy cert on the server, signed by
the client.
If not, does any other JSSE implementation do so?
I don't know of any, but I would doubt that any would, if this is a
somewhat obscure feature, that was never finalized as an RFC.
This is used in grid
computing, typically, where a user transfers authority to a service
working on tehir behalf.
It sounds interesting!
Perhaps — and this is something I've thought of just now — the best
way to implement something like this (and, any other TLS extensions
that add a new content type) would be to allow pluggable content-type
handlers, where you can register a handler for a given content-type,
and Jessie would delegate to that code when such a message was received.
I'm in the middle of reworking Jessie, mostly to support nonblocking
I/O, but I'll consider doing something like this.