> I did want to say that if an acceptable mechanism is found in this manner,
> it does help with some but not all in-band TLS validation mechanisms. It
> works for web server cases. It does not fully replace the mechanisms of
> the TLS-SNI sort because it would not work for other protocols running over
> TLS (like SMTP/TLS). The TLS-SNI mechanisms do facilitate that.

Really? Isn't TLS-SNI-01/-02 just allowed over TCP port 443? "This connection MUST be sent to TCP port 443 on the TLS server"
