On Wed, 2017-03-29 at 16:28 +0200, Nikos Mavrogiannopoulos wrote: > A more general note on the section/document, is that although the > PKIX > identity (certificate) is protected from passive adversaries, the PSK > identity is not. This is a discrepancy in terms of protecting the > user's identity between PSK and certificate authentication (that > should > warrant .
... an entry in the security considerations. > 4.2. rfc6961 is standard's track but TLS 1.3 only uses the RFC6066 > status request. Why not require RFC6961? Please ignore that. I forgot to delete in my draft. regards, Nikos _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
