Thanks for taking a look. I’ve opened
https://github.com/rolandshoemaker/acme-tls-alpn/pull/6/files to address most
of these comments.
For (4) the plan is to simply version it as suggested, that’s why we went with
a two part OID with the base and then a versioned extension. If we need to
On Thu, Aug 9, 2018 at 12:32 PM Sean Turner wrote:
> 5) General: Okay so I’m no cryptographer, but should the hash algorithm used
> in the challenge correspond to the hash algorithm used in the PRF/HKDF? I
> mean if I’m going to use TLS 1.3 and TLS_AES_256_GCM_SHA384 should I really
> use
Couple of comments:
0) s2: Use the update text:
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14 [RFC2119] [RFC8174] when, and only