At 1:59 PM -0400 7/18/10, Shumon Huque wrote:
Well, one reason would be to reduce the number of verification
steps imposed on a client by a certificate with a more preferred
or more specific identity type.
Is there something more than just a non-mandatory optimization? The three
bullet points in the list all have MUSTs, and it sounds like these MUSTs, and
the statement that "The client then orders the list in accordance with the
following rules" passes muster with RFC 2119.
--Paul Hoffman, Director
Ietf mailing list