From 6586c659b1722f754db8e315ebdd9145a904bca4 Mon Sep 17 00:00:00 2001 From: ID Bot Date: Tue, 21 Nov 2023 15:54:35 +0000 Subject: [PATCH] Script updating gh-pages from bca3651. [ci skip] --- draft-vesco-vcauthtls.html | 3 ++- draft-vesco-vcauthtls.txt | 14 +++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/draft-vesco-vcauthtls.html b/draft-vesco-vcauthtls.html index 53e33a0..c77bcc4 100644 --- a/draft-vesco-vcauthtls.html +++ b/draft-vesco-vcauthtls.html @@ -1397,7 +1397,8 @@

6.2. Mutual authentication with Verifiable Credentials

-

This section shows an example where the TLS client as well as the TLS server use VCs for authentication. In fact the server selects VC for both client_cert_types and server_cert_types extensions and in the CertificateRequest message sends the did_methods extension with a set of DID methods both endpoints have in common.

+

This example shows a TLS 1.3 handshake with mutual authenitcation. Both client and server select their Verifiable Credential for authentication. +The client sends the did_methods extension along with the server_certificate_type extension set to VC as the first option. The server sends the server_certificate_type set to VC, the client_cert_type set to VC and the CertificateRequest message together with the did_methods extension with a set of DID Methods both endpoints have in common. Both client and server send their Verifiable Credential into their respective Certificate message.

diff --git a/draft-vesco-vcauthtls.txt b/draft-vesco-vcauthtls.txt index a5ed0ee..7cae19a 100644 --- a/draft-vesco-vcauthtls.txt +++ b/draft-vesco-vcauthtls.txt @@ -349,11 +349,15 @@ Table of Contents 6.2. Mutual authentication with Verifiable Credentials - This section shows an example where the TLS client as well as the TLS - server use VCs for authentication. In fact the server selects VC for - both client_cert_types and server_cert_types extensions and in the - CertificateRequest message sends the did_methods extension with a set - of DID methods both endpoints have in common. + This example shows a TLS 1.3 handshake with mutual authenitcation. + Both client and server select their Verifiable Credential for + authentication. The client sends the did_methods extension along + with the server_certificate_type extension set to VC as the first + option. The server sends the server_certificate_type set to VC, the + client_cert_type set to VC and the CertificateRequest message + together with the did_methods extension with a set of DID Methods + both endpoints have in common. Both client and server send their + Verifiable Credential into their respective Certificate message. 6.3. Mutual authentication with Client using Verifiable Credential and Server using X.509 Certificate