I have opened two pull requests in github against the text that was there. The goal is not to merge this, it's an RFC already, but rather to permit github to be used for wordsmithing efforts.

https://www.rfc-editor.org/errata/eid6648
https://github.com/anima-wg/anima-bootstrap/pull/151/files

Pledge->Registrar:

Use of TLS 1.3 (or newer) is encouraged. TLS 1.2 or newer is REQUIRED on the pledge side. TLS 1.3 (or newer) SHOULD be available on the registrar server interface, and the registrar client interface, but TLS 1.2 MAY be used. When TLS 1.3 is used the use of Server Name Indicator (SNI, [RFC6066]) is not required, per RFC8446 section 9.2, this specification is an application profile specification. A pledge connects to the Registrar using only an IP address and it will not have any idea of a correct SNI value. This also implies that the Registrar interface may not be virtual hosted using SNI.

{I have no problem with changing "not required" in 6648 to say, "is ignored by Registrar upon receipt", as brski-cloud requires the pledge to include the SNI}

{note that the errata says it is to section 5.4, but it's to section 5.1!}

https://www.rfc-editor.org/errata/eid6642
https://github.com/anima-wg/anima-bootstrap/pull/150/files

Registrar->MASA:

TLS 1.2 [RFC5246] with SNI support [RFC6066] is REQUIRED if TLS 1.3 is not available. The Server Name Indicator (SNI) is required when the Registrar communicates with the MASA in order for the MASA to be hosted in a modern multi-tenant TLS infrastructure.

This way, you can use the github "Suggest" text.

--
Michael Richardson <[email protected]>   . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
