Current (21) draft references RFC 6961 in multiple places, in particular
* Section 4.4.2:
Valid extensions
include OCSP Status extensions ([RFC6066] and [RFC6961])
* and therein implicitly:
If
an extension applies to the entire chain, it SHOULD be included in
the first CertificateEntry.at the same time section B.3.1 ExtensionType and table from Section 4.2 do not list status_request_v2 as a valid extension. If the intention was to deprecate status_request_v2, I think the references to RFC 6961 should be a bit more cautious. If it wasn't (as old messages sent to the list would indicate), quite a bit of text is missing. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
