On Fri, Oct 07, 2016 at 09:48:32AM +0200, Hannes Tschofenig wrote: > Hi all, > > I am wondering why the certificate_request_context field found in the > CertificateRequest and in the Certificate message is so long. It is > supposed to be used to match a certificate request against incoming > certificate. > > Does the field really need to be up to 256 bytes long? I think 8 bytes > should be more than enough.
I presume 255, but whatever... If application supports any sort of multiplexing (e.g. HTTP/2), one presumably wants the context to be non-opaque and identify the stream that caused the request + some parameters about the request (to avoid duplicating those in application layer). -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
