#108: TLS session resumption: Server MUST NOT send SCTs
Comment (by [email protected]): I think changing it to "MUST NOT" makes sense. IINM, when a session is resumed a client typically won't repeat the certificate validation that it originally performed (when the session was initially established). Where there is no certificate validation taking place, there is no need for SCTs. For reference, this is the "MUST NOT for the SNI extension" text you were referring to: "When resuming a session, the server MUST NOT include a server_name extension in the server hello." -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Resolution: Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/108#comment:1> trans <http://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
