{"draft":"draft-ietf-tls-subcerts-15","doc_id":"RFC9345","title":"Delegated Credentials for TLS and DTLS","authors":["R. Barnes","S. Iyengar","N. Sullivan","E. Rescorla"],"format":["HTML","TEXT","PDF","XML"],"page_count":"17","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Transport Layer Security","abstract":"The organizational separation between operators of TLS and DTLS\r\nendpoints and the certification authority can create limitations. \r\nFor example, the lifetime of certificates, how they may be used, and\r\nthe algorithms they support are ultimately determined by the\r\nCertification Authority (CA).  This document describes a mechanism to\r\novercome some of these limitations by enabling operators to delegate\r\ntheir own credentials for use in TLS and DTLS without breaking\r\ncompatibility with peers that do not support this specification.","pub_date":"July 2023","keywords":["certificate","authentication","TLS 1.3","signature scheme"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9345","errata_url":null}