Hi, I left a comment wondering how this draft might interact with security issues in the network layer, like the various kinds of BGP hijacking.
https://github.com/tlswg/tls-subcerts/issues/42 That's not to say this draft is the place to fix those problems, but it seems like it could make them more difficult to detect in some ways. I was surprised not to see this issue at least mentioned in the Security Considerations section. If I'm wrong to suspect this is a concern, it might be helpful to note why that is. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
