Ben, > On 21 Jan 2021, at 5:30 am, Benjamin Kaduk via Datatracker <[email protected]> > wrote: > > (discuss point 1) > Mike already filed https://github.com/quicwg/base-drafts/issues/4761 > and I think we can keep the discussion there. > But to reiterate, we reference [SEMANTICS] for certificate validation > and use in determining authority for the "https" scheme, yet the > additional prose discussion we offer (with CN-ID and DNS-ID as the > certificate fields to validate against, though not by that name) does > not match what's currently present in [SEMANTICS]. Discussion so far on > the linked issue against [SEMANTICS] suggests that [SEMANTICS] will > change, but we should not go forward with this document until we've > resolved the disparity.
The only situation where that's useful is if you believe certificate validation should operate in a different fashion for HTTP/3 from other versions of the protocol; is that the case? > (One might also wonder whether we need to > duplicate the content ourselves or should just reference the other > document(s).) If the content is indeed the same, I hope we can agree that it shouldn't be duplicated; having every version of HTTP re-specify this isn't really workable. Cheers, -- Mark Nottingham https://www.mnot.net/
