Re: [Uta] BRSKI and IDevID (non-!)issues with draft-ietf-uta-use-san

2021-05-14 Thread Michael Richardson
Salz, Rich wrote: > That is great to hear, thanks for the careful analysis. >> Some nits: > All look like good things to do, I'll make a PR soonish. > What do you think of just rewriting this to completely replace 6125, > rather than trying to be a "diff RFC"? If you mean,

Re: [Uta] [Iotops] BRSKI and IDevID (non-!)issues with draft-ietf-uta-use-san

2021-05-14 Thread Salz, Rich
>As I wrote, I think we’re past it, because this is about domain/IP address > validation and not client cert validation. Correct? Ah, right. Thanks. Too many balls in the air :)

Re: [Uta] [Iotops] BRSKI and IDevID (non-!)issues with draft-ietf-uta-use-san

2021-05-14 Thread Eliot Lear
Rich, As I wrote, I think we’re past it, because this is about domain/IP address validation and not client cert validation. Correct? Eliot > On 14 May 2021, at 16:02, Salz, Rich wrote: > >> There are a VAST number of devices that run off of iDevIDs: they never >> transition off of them.

Re: [Uta] [Iotops] BRSKI and IDevID (non-!)issues with draft-ietf-uta-use-san

2021-05-14 Thread Salz, Rich
>There are a VAST number of devices that run off of iDevIDs: they never > transition off of them. I’m not a fan, but that’s what they do. Okay, so this draft doesn't apply to them. There doesn't seem to be a problem with, say, not using TLS 1.3 in cases, or not using ECDH in some cases, so