Hi,
On Mon, 02 May 2016 22:43:09 +0200, Eric Rescorla <e...@rtfm.com> wrote:
PR: https://github.com/tlswg/tls13-spec/pull/448
Targe landing date: Wednesday
In Buenos Aires we discussed moving CertificateStatus to part of the
Certificate message. In offline conversations, it started to look like
that
wasn't optimal in part because it created an asymmetry wrt Signed
Certificate Timestamps. Instead, I propose just carrying the response in
the response extensions.
I just created PR#443, which moves the CertificateStatus response to an
extension in EncryptedExtensions. Comments welcome.
-Ekr
Regarding Certificate Status, is it such a good idea to keep both the
original extension and the newer status_request_v2 extension in TLS 1.3?
The client may have to signal the original extension in order to be
interoperable with older TLS implementations, but wouldn't it be best if
TLS 1.3 mandated the v2 extension in the server response?
--
Sincerely,
Yngve N. Pettersen
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
