On Jan 19, 2012, at 1:07 PM, Alexey Melnikov wrote:
>>>>
>> So, how about the following:
>>
>> RID systems MUST use TLS version 1.1 [RFC4346] or higher for
>> confidentiality, identification, and authentication, as in
>> Section 2 of [RFC2818].
> I am Ok with your latest proposal, but if you want to make me super-happy
> ;-), I suggest you make "as in Section 2 ..." a separate sentence (E.g. "Use
> of HTTP over TLS is specified in Section 2...", or at least insert the word
> "specified" after "as".
Hi, Alexey,
I can do that:
<t>RID systems MUST use TLS version 1.1 <xref target="RFC4346"/> or higher
for confidentiality, identification, and authentication, when sending RID
messages over HTTPS. HTTPS is specified in Section 2 of <xref
target="RFC2818"/>. RID systems MUST use mutual authentication; that is,
both RID systems acting as HTTPS clients and RID systems acting as HTTPS
servers MUST be identified by an <xref target="RFC5280">X.509
certificate</xref>. Mutual authentication requires full path validation on
each certificate, as defined in <xref target="RFC5280"/>.</t>
Cheers,
Brian
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www.ietf.org/mailman/listinfo/gen-art
