Hi Stephane, What do you think of the idea of a separated out TLS and DTLS authentication draft that applies to both? There's a move afoot to submit one as soon as the draft window opens.
We will improve the authentication section in the TLS draft per your point below and/or thru pointing to the new draft. There's something elusive about our attempts to get an exact match of language between 5966bis and the TLS draft - the authors overlap but we keep missing anyway. Thanks for observing* the current mismatch. We will align. Allison [*] I hope the problem isn't Heisenberg uncertainty ;-) Sent from my iPhone > On Oct 29, 2015, at 12:04, Stephane Bortzmeyer <[email protected]> wrote: > > I'm one of the several persons who believe that we should delay WG > approval a bit to align DNS-over-TLS and DNS-over-DTLS, specially the > server authentication part (-01 does not even mention which field in > the cert to check). _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
