Ah, I'm not familiar enough with stapling to answer that. From: Wayne Thayer [mailto:wtha...@godaddy.com] Sent: Monday, December 02, 2013 4:03 PM To: Rick Andrews Cc: wpkops@ietf.org Subject: RE: [wpkops] Early draft of vendor questionnaire
> But what do you mean by "Does there need to be a question about stapling > support for multiple signature algorithms?" This may be an ignorant question, but I'm asking if web servers can staple OCSP responses using both SHA-1 and SHA-2 for the same site? Thanks, Wayne From: Rick Andrews [mailto:rick_andr...@symantec.com] Sent: Monday, December 02, 2013 4:45 PM To: Wayne Thayer Cc: wpkops@ietf.org Subject: RE: [wpkops] Early draft of vendor questionnaire Wayne, You asked: "Should we also ask about SPDY support?" I'm inclined to think no, because that's sort of an HTTP replacement over and above SSL/TLS. I'm not sure it falls in to the charter. About RFC6277 (OCSP Algorithm Agility) good point, I'll add that. I created a new section for OCSP Responder (in addition to Server and Client) and also added the question to the Client survey. But what do you mean by "Does there need to be a question about stapling support for multiple signature algorithms?" Good point: "Should we ask what encoding is supported here (Punycode, UTF-8)" but I think I'll keep the questions to what's relevant for TLS/SSL (what happens if the user types the Punycode but the cert contains only the native name, and not, for example, how names are displayed). -Rick
_______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops