Hi Victor,
On 22/03/2015 19:37, Viktor Dukhovni wrote:
On Sun, Mar 22, 2015 at 03:12:31PM +0000, Alexey Melnikov wrote:
On 21/03/2015 07:38, Viktor Dukhovni wrote:
On Thu, Mar 19, 2015 at 12:06:13PM +0100, Leif Johansson wrote:
We need to get this document out the door! Getting a few reviews would
help a great deal!
Overall the document is in good shape.
In section 3 a sentence is truncated:
3. URI-ID identifier type (subjectAltName of
uniformResourceIdentifier type [RFC5280]) MUST NOT be used by
clients for server verification, as
Thank you, I will fix. The rest of the sentence was commented out for some
unknown to me reason.
I have a couple of questions about SRVNAME.
1. Which TLS libraries implement support for SRVNAME, beyond
any generic support for generic "other name"? In other
words, is vefication of SRVNAME likely to be easily available
to applications now, or will application developers have to
wait for TLS library developers to add support for this?
A quick look at OpenSSL shows no support for SRVNAME.
OpenSSL does or at least it is very easy to add it on top of OpenSSL. My
co-workers at isode implemented that.
I am thinking about your question #2 now and will reply separately.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
