On Thu, 24 Nov 2016, Eran Messeri wrote:
The changes from draft 20:* Relaxation of MUST to SHOULD in section 5.1.
* Removal of the optional APIs.
Thanks Eran!
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-trans-rfc6962-bis-21
This looks good to me and seems to match what people thought the text
should be during our meeting at IETF#97. If anyone thinks the new text
in Section 5.1 is incorrect or incomplete, please let us know as soon
as possible.
Since the diff looks large due to the section renumbering, the actual
MUST -> SHOULD change is:
- Logs MUST accept certificates and precertificates that are fully
+ Logs SHOULD accept certificates and precertificates that are fully
valid according to RFC 5280 [RFC5280] verification rules and are
submitted with such a chain.
+ (A log may decide, for example, to temporarily reject valid
+ submissions to protect itself against denial-of-service attacks).
Thanks,
Paul
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
