Section 3.6 of RFC 4306 describes the "Hash and URL" form of certificate
payloads, including the following text:
Implementations MUST be capable of being configured to send and
accept up to four X.509 certificates in support of authentication,
and also MUST be capable of being configured to send and accept the
first two Hash and URL formats (with HTTP URLs).
Can I read "HTTP" literally? In other words, is it safe to assume that
IKE implementations are not expected to also support HTTPS URLs here as
well? Given the public nature of the content to be retrieved, it seems
logical that straight HTTP is sufficient, but I'd like to verify the
assumption.
Thanks,
Chris Meyer
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
