I am reading this now. It’s good, I like it. One nit; should Section 4.2 be titled “Cipher Suites for TLS 1.2” ?
In section 6.4, the “(e.g., even more than a few hours)” should probably replace it with “(in some cases, even as little as a few hours)” but it would be REALLY helpful for guidance on picking the time. In section 6.5, doesn’t the stapling reference need additions for “cert status” for TLS 1.3? And okay if you don’t want to mention certificate transparency, but either include that or make explicit that for XXX reasons you’re not doing so. Hope this helps.
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
