I assert that most uses of TLS are server-authenticated using a PKIX-compliant certificate, no matter if you count users/servers, connections, bytes transferred, or e-commerce dollar value.
It has been this way forever and that is why the TLS RFC’s have always talked about certificates, although left the chain validation up to separate RFC’s. Note that those RFCs really only talked about *naming* not crypto. I strongly believe the text should stay as it is, for the most good to the most people. Viktor is in the weeds, arguably by himself. -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
