ietf
[Top] [All Lists]

Re: Last Call: draft-saintandre-tls-server-id-check (Representation and Verification of Domain-Based Application Service Identity in Certificates Used with Transport Layer Security) to Proposed Standard

2010-07-18 17:05:17
At 1:59 PM -0400 7/18/10, Shumon Huque wrote:
Well, one reason would be to reduce the number of verification
steps imposed on a client by a certificate with a more preferred
or more specific identity type.

Is there something more than just a non-mandatory optimization? The three 
bullet points in the list all have MUSTs, and it sounds like these MUSTs, and 
the statement that "The client then orders the list in accordance with the 
following rules" passes muster with RFC 2119.

--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>