The current text in the MUD draft around trust of certificates needs
cleaning up.  What I propose to do is to simply state that MUD
controller implementations MUST NOT blindly trust unknown signers, and
that they should apply restrictive controls until someone has reviewed
the content of the file or they have some basis to trust that the file's
contents are appropriate for the device in question.


Attachment: signature.asc
Description: OpenPGP digital signature

OPSAWG mailing list

Reply via email to