On Mon, Mar 19, 2018 at 12:22:48PM -0400, Ryan Sleevi wrote: > On Mon, Mar 19, 2018 at 10:20 AM, Colm MacCárthaigh <c...@allcosts.net> > wrote: > > > 2/ clients and browsers could easily consider such sessions insecure by > > default. This would mean that adopters would have to deploy configurations > > and mechanisms to enable this functionality, similar to - but beyond - how > > private root CAs can be inserted. > > > > I thought the use case was that this was not for clients and browsers, but > for server<->server interactions.
This is an important question the answer to which remains unclear, to me. -Ben _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
