Yoav Nir writes:
I assume you mean that you don’t sign with public keys. Replacing
“sign” with “validate” makes for a strange sentence, because the
sentence is about sending (and presumably signing) rather than
receiving (and validating).
How about:
“If multiple certificate are sent, the first MUST contain the public
key associated with the private key used to sign the AUTH payload”
Changed text to :
If multiple certificates are sent, the first certificate MUST contain
the public key associated with the private key used to sign the AUTH
payload.
--
kivinen(_at_)iki(_dot_)fi