Joseph Salowey <[email protected]> wrote: >> I suggest: >> >> “EAP-TLS servers supporting TLS 1.3 that use OCSP to do certificate >> recovation checks, MUST implement Certificate Status Requests using OCSP >> stapling as specified in Section 4.4.2.1 of [RFC8446].
> [Joe] Thanks Michael, I think your suggestion is a better way to phrase
it
Just so that we are clear: this mandates OCSP+stapling for systems that do
revocation checks.
Systems that don't do revocation checks (current mbedtls), therefore don't
need to do OCSP or stapling.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
