On Sat, May 20, 2017 at 01:55:07AM -0400, Viktor Dukhovni wrote: > > On May 20, 2017, at 1:41 AM, Nico Williams <n...@cryptonector.com> wrote: > > "When using TLS to authenticate the server, certificate signature > > algorithms weaker than <list of weakest acceptable signature algs here> > > MUST NOT be used." > > Minor correction, perhaps you really mean to say "when using RFC5280 (PKIX) > to authenticate... (the [server or client?]). TLS is just the transport > after all.
No, I meant what I said, as in "as opposed to using TLS opportunistically". Nico -- _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
