#145: Section 9.2 (TLS clients) needs more guidance for browsers The WG discussions have focussed on browsers as the key TLS client and motivating use case. So it might make sense for Section 9.2 (TLS Clients) to reflect this and focus on browsers. In particular, text needs to be added re: the role that browser vendors play and the section also needs to allow for added guidance for browsers. For example, saying that a TLS client MUST reject an SCT with a future timestamp does not provide clear direction for a browser on what to do with the certificate. One can argue that if an SCT is present and found to be invalid then a browser SHOULD treat the certificate as invalid. (This case is very different from having a browser treat a certificate as invalid because an SCT is not available, e.g., because of the incremental deployment issues associated with the latter.)
-- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Keywords: -------------------------+------------------------------------------------- Ticket URL: <https://trac.tools.ietf.org/wg/trans/trac/ticket/145> trans <https://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
