On Tuesday, 15 August 2017 19:42:30 CEST Benjamin Kaduk wrote: > On 08/14/2017 01:26 PM, Ilari Liusvaara wrote: > > On Mon, Aug 14, 2017 at 08:03:08PM +0200, Hubert Kario wrote: > >> Current (21) draft references RFC 6961 in multiple places, in particular > >> > >> * Section 4.4.2: > >> Valid extensions > >> include OCSP Status extensions ([RFC6066] and [RFC6961]) > >> > >> * and therein implicitly: > >> If > >> an extension applies to the entire chain, it SHOULD be included in > >> the first CertificateEntry. > >> > >> at the same time section B.3.1 ExtensionType and table from Section 4.2 > >> do not list status_request_v2 as a valid extension. > >> > >> > >> If the intention was to deprecate status_request_v2, I think the > >> references to RFC 6961 should be a bit more cautious. If it wasn't (as > >> old messages sent to the list would indicate), quite a bit of text is > >> missing. > > > > The introduction suggests that TLS 1.3 intends to deprecate > > status_request_v2. > > Yes, the intention was to deprecate status_request_v2.
Proposed text to remove the ambiguity: https://github.com/tlswg/tls13-spec/pull/1075 -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
