On Tue, Aug 04, 2015 at 08:45:40PM -0700, Ben Campbell wrote:
> Thanks for this. I only have some editorial comments, and others have
> beaten me to the punch on all save the following:
>
> -- Section 8, first paragraph:
>
> This section updates [RFC6698] by specifying a requirement on the
> TLSA Publisher to ensure that each combination of Certificate Usage,
> selector and matching type in the server's TLSA RRset MUST include at
> least one record that matches the server's current certificate chain.
>
> "Requirement on the ... publisher to ensure...that each combination...
> MUST include..." is sort of an odd construction for a 2119 MUST. Does
> the following capture the intent?
>
> NEW:
> This section updates [RFC6698] by specifying that the
> TLSA Publisher MUST ensure that each combination of Certificate
> Usage, selector and matching type in the server's TLSA RRset includes at
> least one record that matches the server's current certificate chain.
> END
Yes. Thanks.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
