The use of SRV-IDs is supposed to ensure that the client connects to the service type it wanted from among the services available at the DNS name it wanted. However, given that...
- The client's list of reference identifiers MUST include a DNS-ID (section 6.2.10) - The examples of server certificates that include a SRV-ID (section 4.2) also include a DNS-ID - The server ID check succeeds if any reference identifier matches any presented identifier (section 6.3) it would appear that the DNS-IDs will always match, making the service types in the SRV-IDs irrelevant. Am I right? -- Matt _______________________________________________ certid mailing list [email protected] https://www.ietf.org/mailman/listinfo/certid
