I don't think it's possible to go one API / method at a time. If we want to turn on a feature by default, it has to either be non-backwards compatible or not break any existing API.
I think I agree with you, or at least as far as saying that we really need to hear from implementors as to the feasibility of doing this in a backward-compatible and generic (not just browser/WebPKI) way.
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org