Hi,

In section 4.4.2.2, "Server Certificate Selection", of the TLS 1.3 draft:
https://tools.ietf.org/html/draft-ietf-tls-tls13-20#section-4.4.2.2

it is stated:

- The "server_name" and "trusted_ca_keys" extensions [RFC6066 <https://tools.ietf.org/html/rfc6066>] are used to guide certificate selection. As servers MAY require the presence of the "server_name" extension, clients SHOULD send this extension, when applicable.

The "trusted_ca_keys" extension is not used in TLS 1.3, and is replaced with the "certificate_authorities" extension (Section 4.2.4):

   The "trusted_ca_keys" extension, which serves a similar purpose [RFC6066 <https://tools.ietf.org/html/rfc6066>], but is more complicated, is not used in TLS 1.3 (although it may appear in ClientHello messages from clients which are offering prior versions of TLS).

I guess it is a typo or a missed update to use the "trusted_ca_keys" extension for server certificate selection in section 4.4.2.2. The "certificate_authorities" extension should be used instead.

Regards,
Xuelei Fan
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
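The selection rule the message argues for, as an added example that is not code from the draft or the thread: a Python encoder and strict parser for the TLS 1.3 "certificate_authorities" extension (draft-20, Section 4.2.4) and a server-side chain selection that consults it instead of "trusted_ca_keys". The CA names and candidate chains are constructed; the `select_chain` policy (first matching chain, default chain when the extension is absent) is an assumption, not text from the draft.

```python
# Added example, not code from the draft or the thread: wire format of the TLS 1.3
# "certificate_authorities" extension and the server certificate selection it guides.

def der_tlv(tag: int, content: bytes) -> bytes:
    """Minimal DER TLV encoder (short-form lengths only, enough for small Names)."""
    if len(content) >= 0x80:
        raise ValueError("short-form DER length only")
    return bytes([tag, len(content)]) + content

def der_name_cn(cn: str) -> bytes:
    """DER X.501 Name holding a single commonName (OID 2.5.4.3) UTF8String."""
    atv = der_tlv(0x30, b"\x06\x03\x55\x04\x03" + der_tlv(0x0C, cn.encode()))
    return der_tlv(0x30, der_tlv(0x31, atv))

def encode_certificate_authorities(dns: list[bytes]) -> bytes:
    """struct { DistinguishedName authorities<3..2^16-1>; }, each DistinguishedName
    an opaque<1..2^16-1>; every vector carries a 2-byte big-endian length."""
    body = b"".join(len(dn).to_bytes(2, "big") + dn for dn in dns)
    if not 3 <= len(body) <= 0xFFFF:
        raise ValueError("authorities vector out of range")
    return len(body).to_bytes(2, "big") + body

def parse_certificate_authorities(data: bytes) -> list[bytes]:
    """Strict parser: rejects truncation, zero-length names and trailing bytes."""
    total = int.from_bytes(data[:2], "big") if len(data) >= 2 else -1
    if total < 3 or len(data) != 2 + total:
        raise ValueError("bad authorities vector length")
    dns, pos = [], 2
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated DistinguishedName length")
        n = int.from_bytes(data[pos:pos + 2], "big")
        pos += 2
        if n == 0 or pos + n > len(data):
            raise ValueError("bad DistinguishedName length")
        dns.append(data[pos:pos + n])
        pos += n
    return dns

def select_chain(chains, ext):
    """Assumed policy: first chain with an issuer the client listed; with no
    extension the default (first) chain; with no match None, left to server policy."""
    if ext is None:
        return chains[0] if chains else None
    wanted = set(parse_certificate_authorities(ext))
    for chain in chains:
        if wanted.intersection(chain["issuers"]):
            return chain
    return None
```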
