Aww, I see your point. You're right, it should be that crit=true if and only if 
crit=true.


> Actually, what use case do strict certificates serve anyway? I cannot
> figure out any use case that would make much sense to me. Dealing with
> server endpoints that are capable of LURK but not proof-of-possession
> nor is the keyserver capable of format-checking?

The point was to enforce that, if a delegation certificate is offered in a 
handshake, then a DC must be negotiated in that handshake. I wasn't actually 
there, but I'm told that this feature was brought up at IETF. It doesn't seem 
like there's a clean way to do this, and I'm not sure this feature is worth the 
added complexity.

I'm going to propose we drop the strict flag and let the critical bit be 
optional for the extension. What do you think?

-Chris
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
