| rfc9932v3.txt | rfc9932.txt | |||
|---|---|---|---|---|
| Independent Submission S. Halén | Independent Submission S. Halén | |||
| Request for Comments: 9932 The Swedish Internet Foundation | Request for Comments: 9932 The Swedish Internet Foundation | |||
| Category: Informational J. Schlyter | Category: Informational J. Schlyter | |||
| ISSN: 2070-1721 Kirei AB | ISSN: 2070-1721 Kirei AB | |||
| February 2026 | March 2026 | |||
| Mutually Authenticating TLS in the Context of Federations | Mutually Authenticating TLS in the Context of Federations | |||
| Abstract | Abstract | |||
| This Informational Independent Submission to the RFC Series describes | This Informational Independent Submission to the RFC Series describes | |||
| a means to use TLS 1.3 to perform machine-to-machine mutual | a means to use TLS 1.3 to perform machine-to-machine mutual | |||
| authentication within federations. This memo is not a standard. It | authentication within federations. This memo is not a standard. It | |||
| does not modify the TLS protocol in any way, nor does it require | does not modify the TLS protocol in any way, nor does it require | |||
| changes to common TLS libraries. TLS is specified and standardized | changes to common TLS libraries. TLS is specified and standardized | |||
| skipping to change at line 196 ¶ | skipping to change at line 196 ¶ | |||
| 2. Diverse Design Patterns | 2. Diverse Design Patterns | |||
| MATF is designed to be flexible and adaptable to the varying needs of | MATF is designed to be flexible and adaptable to the varying needs of | |||
| different federations. Federations can differ significantly in terms | different federations. Federations can differ significantly in terms | |||
| of size, scope, and security requirements, which makes it challenging | of size, scope, and security requirements, which makes it challenging | |||
| to prescribe a one-size-fits-all trust framework and security | to prescribe a one-size-fits-all trust framework and security | |||
| measures. | measures. | |||
| For instance, in the European Union, Regulation (EU) No 910/2014 (the | For instance, in the European Union, Regulation (EU) No 910/2014 (the | |||
| electronic identification, authentication, and trust services (eIDAS) | electronic identification, authentication, and trust services (eIDAS) | |||
| Regulation [eIDAS]) establishes a regulatory framework for electronic | Regulation) [eIDAS] establishes a regulatory framework for electronic | |||
| identification and trust services for electronic transactions in the | identification and trust services for electronic transactions in the | |||
| internal market. The eIDAS Regulation provides a basis for cross- | internal market. The eIDAS Regulation provides a basis for cross- | |||
| border recognition of notified electronic identification schemes and | border recognition of notified electronic identification schemes and | |||
| for regulated trust services. | for regulated trust services. | |||
| Similarly, national federations, such as those found in education or | Similarly, national federations, such as those found in education or | |||
| healthcare sectors, often have their own specific trust frameworks | healthcare sectors, often have their own specific trust frameworks | |||
| and security measures tailored to their unique needs. These | and security measures tailored to their unique needs. These | |||
| federations may leverage existing national identification systems or | federations may leverage existing national identification systems or | |||
| other trusted credentials to establish member identities and ensure | other trusted credentials to establish member identities and ensure | |||
| End of changes. 2 change blocks. | ||||
| 2 lines changed or deleted | 2 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||