> Added to section 1: > > TLS Version > > Whenever TLS is required by this specification, the appropriate > version (or versions) of > TLS will vary over time, based on the widespread deployment and > known security > vulnerabilities. At the time of this writing, TLS version 1.2 <xref > target='RFC5246' /> > is the most recent version, but has a very limited deployment base > and might not be > readily available for implementation. TLS version 1.0 <xref > target='RFC2246' /> is the > most widely deployed version, and will provide the broadest > interoperability. > > Implementations MAY also support additional transport-layer > mechanisms that meet their > security requirements. > > And referenced this section when TLS requirements were previously defined.
That seems like a very sensible way to organize it; thanks. Barry _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
