On 9 November 2016 at 05:59, Brian Smith <br...@briansmith.org> wrote: > This isn't a pervasively shared goal, though. It's good to let the browsers > police things if they want, but I think a lot of implementations would > prefer to avoid doing work that isn't necessary for interop or security.
If you permit someone to enforce it, then that is sufficient. I don't think that we should ever force someone to enforce these sorts of things (as you say, sometimes strict enforcement isn't cheap or even desirable). _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls