From 67a6a3c2bdd62652b8d802387c81bc7370bd62c8 Mon Sep 17 00:00:00 2001 From: "andrea.vesco" Date: Tue, 21 Nov 2023 16:39:50 +0100 Subject: [PATCH] server authentication exxample --- draft-vesco-vcauthtls.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/draft-vesco-vcauthtls.md b/draft-vesco-vcauthtls.md index 71e8ae3..ac17050 100644 --- a/draft-vesco-vcauthtls.md +++ b/draft-vesco-vcauthtls.md @@ -214,11 +214,13 @@ As discussed in [Section I](#introduction), a Holder wraps its own Verifiable Cr # Examples -This section shows some message-exchanges examples. +This section shows some examples of TLS handshakes using different combinations of authentication means. ## Server authentication with Verifiable Credential -This is an example of a client willing to receive and validate a VC from the server. The client does not own an identity at the TLS level and so omits the client_cert_type extension. The server indicates in the EncryptedExtensions message that it selected a VC to insert in the Certificate message. +This example shows a TLS 1.3 handshake with server authentication. The server selects a Verifiable Credential for authentication. +The client does not own an identity at the TLS level, therefore omits the client_certificate_type extension. The server indicates in the EncryptedExtensions message a +server_certificate_type equal to VC and insert the Verifiable Credential into the Certificate message.