On 18 Aug 2023, at 23:26, Michael Richardson wrote:
>
> If we are talking about an RFC8995 (BRSKI) mechanism then:
>
> a) It requires that the Peer defer validation of the Server's certificate
> until later on when another signed artifact is received (RFC8366 voucher).
> b) The server still
Eliot Lear wrote:
>> We don't need or want anonymous ciphersuites here.
> We should keep the TLS-POK work in mind.
I didn't find an obvious draft about that in the TLS WG.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldw
https://datatracker.ietf.org/doc/draft-ietf-emu-bootstrapped-tls/
On 19.08.23 21:12, Michael Richardson wrote:
Eliot Lear wrote:
>> We don't need or want anonymous ciphersuites here.
> We should keep the TLS-POK work in mind.
I didn't find an obvious draft about that in the TLS WG.
