On Fri 2017-10-27 15:55:10 +0200, Stephane Bortzmeyer wrote: > The datatracker tells us that draft-ietf-dprive-dtls-and-tls-profiles > has a DISCUSS "This needs to be updated to indicate that the client > MUST NOT offer 7250 unless it has a preconfigured SPKI, otherwise > you're going to have interop problems."
I agree that this DISCUSS should be cleared, since draft-10 and draft-11 both state: A client MUST only indicate support for raw public keys if it has an SPKI pinset pre-configured (for interoperability reasons). Regards, --dkg
signature.asc
Description: PGP signature
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy