On 6/29/22 7:16 AM, Salz, Rich wrote:
Re: https://httpwg.org/specs/rfc9110.html#https.ip-id6125-bis has always been solely about names, specifically fully-qualified domain names. It has not been explicitly discussed, but I think the WG understanding is as I just described it. Looking at the section above, I don't see what 6125bis should have. I can only think of this in "Out of Scope" section 1.4.2: Identifiers other than FQDNs. Identifiers such as IP address are not discussed. New>> Protocols other than HTTP may want to consider {{RFC9110, Section 4.3.5}} as a validation model. <<new
I think Martin is suggesting that we add the matching rule to 6125bis: A reference identity of type IP-ID matches if the address is identical to an iPAddress value of the subjectAltName extension of the certificate. Peter _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
