Bjoern Hoehrmann wrote:
* Julian Reschke wrote:
As far as I can tell, APP doesn't require support for signatures, nor
did James say so (pointer?).
The text said that servers SHOULD remove invalidated signatures. You can
not do that unless you can determine that a signature has indeed been
invalidated and know how to remove such a signature. So support would be
required unless <rfc 2119 exceptions>.
I don't see a SHOULD, but maybe I'm not looking at the same proposal
you're looking it.
Best regards, Julian
