> But if the spec says MUST be minimum length, I would feel compelled to check every one.
"Be liberal in what you accept" no? > Please don't require minimum length unless security would be weaker without it. If the fields are used in digests/hashing/signatures, then it matters. (The DER/BER comment upthread) _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls