On 22 October 2015 at 10:11, Andrei Popov <andrei.po...@microsoft.com> wrote: > Then my argument would be: why send extra bytes in each ServerHello when TLS > client auth is not used most of the time? In this case, CertificateRequest > seems to be a better place.
I think that this is the best argument for CertificateRequest. We can prohibit the inclusion of the extension in ServerHello (or Server EncryptedExtensions) as we please then. I would argue for prohibiting it, since it has no purpose. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
