Victor suggests replacing section 3.3 as follows:
OLD:
When constructing a list of reference identifiers, the client MUST
NOT include any CN-ID present in the certificate. ...
NEW:
When constructing a list of presented DNS identifiers, the client
MUST
use only DNS-ID SANs and MUST NOT include any CN-ID present in the
certificate. ...
This seems okay to me, but I have a question about the ellipsis. Are you
suggesting that the "This means section 6.4.4..." sentence should be kept?
Also, on the definition of CN-ID:
> I think the original definition is better, and should just be retained
by reference, or repeated verbatim.
There draft says:
The terminology from [RFC6125] is used here. Specifically, the
following terms and brief definition (as a reminder):
So I think there's a reference. I do not want to repeat the formal definition
from 6125, it's a mouthful.
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
