> > Sean, > > The working group felt pretty clearly that the BEGIN/END base64 encoding > was the format used by "all" web servers and that anything else would > require the client to translate into that format. >
That's true, but using a format that can just be dumped without inspection makes these private key injection attacks easier. I'm all for simple clients, but that ends where simplicity means not checking inputs and outputs. Regards, Niklas
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
