James Cloos <cloos(_at_)jhcloos(_dot_)com> wrote:
I've read the draft now. It looks good.
Thanks.
§3 specifies that the hostname MUST be in the cert as an DNS-ID and
also MAY be there as a CN-ID.
That is basically adapting what RFC 6125 says to the specifics of SMTP,
i.e. subsetting the possible identities (omitting SRV etc.). Perhaps I
ought to make the DNS-ID a SHOULD rather than MUST to follow RFC 6125
more exactly.
Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
Thames, Dover, Wight, Portland, Plymouth: Variable 3 or 4. Smooth or slight.
Fog patches. Moderate, occasionally very poor.