On Jan 19, 2012, at 1:07 PM, Alexey Melnikov wrote: >>>> >> So, how about the following: >> >> RID systems MUST use TLS version 1.1 [RFC4346] or higher for >> confidentiality, identification, and authentication, as in >> Section 2 of [RFC2818]. > I am Ok with your latest proposal, but if you want to make me super-happy > ;-), I suggest you make "as in Section 2 ..." a separate sentence (E.g. "Use > of HTTP over TLS is specified in Section 2...", or at least insert the word > "specified" after "as".
Hi, Alexey, I can do that: <t>RID systems MUST use TLS version 1.1 <xref target="RFC4346"/> or higher for confidentiality, identification, and authentication, when sending RID messages over HTTPS. HTTPS is specified in Section 2 of <xref target="RFC2818"/>. RID systems MUST use mutual authentication; that is, both RID systems acting as HTTPS clients and RID systems acting as HTTPS servers MUST be identified by an <xref target="RFC5280">X.509 certificate</xref>. Mutual authentication requires full path validation on each certificate, as defined in <xref target="RFC5280"/>.</t> Cheers, Brian _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art