#108: TLS session resumption: Server MUST NOT send SCTs

This ticket is about how servers behave during TLS session resumption when clients send the signed_certificate_timestamp extension in the handshake (http://tools.ietf.org/html/rfc6962#section-3.3.1).

The wording in RFC6962 is slightly ambiguous: it's clear that on session resumption clients SHOULD include the extension type, but it is more lax about the server response, stating "the server is not expected to process it or include the extension in the ServerHello".

Should this be changed to MUST NOT or SHOULD NOT in -bis?

As a reference, RFC6066 uses MUST NOT for the SNI extension (end of section 3).

-- 
-------------------------+-------------------------------------------------
 Reporter:  [email protected]  |      Owner:  draft-ietf-trans-[email protected]
     Type:  defect       |     Status:  new
 Priority:  major        |  Milestone:
Component:  rfc6962-bis  |    Version:
 Severity:  -            |   Keywords:
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/108>
trans <http://tools.ietf.org/trans/>
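
Added example (not part of the ticket or of any RFC text): a Python check that flags a ServerHello carrying the signed_certificate_timestamp extension on a resumed TLS 1.2 session. It assumes resumption is detected by the server echoing the non-empty session ID the client offered; the function names and the sample messages are constructed for illustration.

```python
import struct

EXT_SCT = 18  # signed_certificate_timestamp ExtensionType (RFC 6962, section 3.3.1)

def parse_server_hello(body: bytes):
    """Return (session_id, [extension types]) from a TLS 1.2 ServerHello body
    (the 4-byte handshake header is assumed to be stripped already)."""
    if len(body) < 35:
        raise ValueError("ServerHello too short")
    off = 2 + 32                          # server_version + random
    sid_len = body[off]
    off += 1
    session_id = body[off:off + sid_len]
    off += sid_len + 2 + 1                # skip cipher_suite + compression_method
    if off > len(body):
        raise ValueError("truncated ServerHello")
    ext_types = []
    if off < len(body):                   # the extensions block is optional
        (total,) = struct.unpack_from("!H", body, off)
        off += 2
        end = off + total
        if end > len(body):
            raise ValueError("truncated extensions block")
        while off + 4 <= end:
            etype, elen = struct.unpack_from("!HH", body, off)
            off += 4 + elen
            if off > end:
                raise ValueError("extension overruns extensions block")
            ext_types.append(etype)
    return session_id, ext_types

def sct_on_resumption(offered_session_id: bytes, server_hello_body: bytes) -> bool:
    """True when the handshake is a resumption and the server still sent
    the SCT extension, the behaviour this ticket proposes to forbid."""
    session_id, ext_types = parse_server_hello(server_hello_body)
    resumed = bool(offered_session_id) and session_id == offered_session_id
    return resumed and EXT_SCT in ext_types

def build_server_hello(session_id: bytes, extensions):
    """Build a constructed ServerHello body for testing; `extensions` is a
    list of (type, data) pairs. Random and cipher suite are fixed sample values."""
    exts = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    body = b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
    body += b"\xc0\x2f" + b"\x00"         # sample cipher_suite, null compression
    if extensions:
        body += struct.pack("!H", len(exts)) + exts
    return body
```
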
