SM wrote:
>
> The corrected text may be valuable but in my opinion it is, as Andrew
> Sullivan mentioned, a substantive change. This is grounds for
> rejecting erratum #3594.
>
> If the standard does not work in practice it means that RFC 6698 is
> defective. That's a different issue. There are different schools of
> thought about how an RFC should be written and how things should be
> done in the IETF.

RFC 6698 will fail interop if the server admin asks his DNS admin to create a TLS record for usage 2 that contains only a certificate hash or SPKI hash, and fails to have his server send the respective certificate in certificate_list of the TLS server Certificate handshake message.

This will become obvious to an implementor when trying to implement usage 2, wondering about missing information, and deducing the missing information by formal logic.

The requested clarification simply adds explicit words for what is already implicitly required by the existing specification. It is not just valuable, it is the only formally correct interpretation of what is already there. Anything different from that requested clarification would amount to a change of the specification.

Anyone who believes that this clarification is a "substantive change" has not looked at the existing spec from the perspective of formal correctness.

-Martin
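
Added example, not part of the original message: a small Python model of where a client can obtain the usage 2 trust anchor, showing why a hash-only record depends on the server's certificate_list. `Cert`, `anchor_source` and the byte strings are constructed stand-ins (no real X.509 parsing), and treating only a full-certificate record as self-sufficient is an assumption of this sketch.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    """Stand-in for an X.509 certificate (constructed bytes, not real DER)."""
    der: bytes   # full certificate encoding
    spki: bytes  # SubjectPublicKeyInfo encoding

def tlsa_matches(cert, selector, mtype, data):
    """Compare one certificate with TLSA association data (RFC 6698 fields)."""
    # Selector: 0 = full certificate, 1 = SubjectPublicKeyInfo
    selected = cert.der if selector == 0 else cert.spki
    # Matching type: 0 = exact content, 1 = SHA-256, 2 = SHA-512
    if mtype == 0:
        return selected == data
    algo = {1: "sha256", 2: "sha512"}[mtype]
    return hashlib.new(algo, selected).digest() == data

def anchor_source(certificate_list, selector, mtype, data):
    """Where a client finds the usage 2 trust anchor, or None if it cannot."""
    for cert in certificate_list:
        if tlsa_matches(cert, selector, mtype, data):
            return "certificate_list"
    # Anchor was not sent. A record holding the full certificate still
    # carries it; a hash cannot be turned back into a certificate or key.
    if selector == 0 and mtype == 0:
        return "tlsa_record"
    return None

# Constructed sample data
LEAF = Cert(der=b"constructed-leaf-cert", spki=b"constructed-leaf-key")
TA = Cert(der=b"constructed-ta-cert", spki=b"constructed-ta-key")
SPKI_HASH = hashlib.sha256(TA.spki).digest()  # usage 2, selector 1, type 1

if __name__ == "__main__":
    print(anchor_source([LEAF, TA], 1, 1, SPKI_HASH))  # server sends the anchor
    print(anchor_source([LEAF], 1, 1, SPKI_HASH))      # server omits the anchor
    print(anchor_source([LEAF], 0, 0, TA.der))         # full cert in the record
```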
