On Thu, Jul 19, 2018 at 07:04:31PM +0000, Patton,Christopher J wrote: > Thanks both of you for the feedback. > > > I've revised the PR: > > https://github.com/tlswg/tls-subcerts/pull/9 > > > There's now a "strict" flag that, if set, requires the server to > offer a DC. In Sec. 6.1, I describe why I think this is sufficient. > Let me know what you think!
Ugh, it occurs to me that to have proper processing in all cases, including client that does not support DC and client that does and ignores criticality of supported extensions, you need to have critical flag and strict flag mirror each other. -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
