W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

Re: #148: Reasonable Assurances and H2C

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 19 Feb 2016 18:37:26 -0800
Message-ID: <CABkgnnW3-c1qaC_N2UP5TLnPS0rrOYjOYFb4nhUzfQ_8AFsTJA@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP WG <ietf-http-wg@w3.org>
On 19 February 2016 at 18:16, Mark Nottingham <mnot@mnot.net> wrote:
> The remaining question (3 in the issue) is whether we should firm up the definition of "reasonable assurances" to require another way of achieving that to be documented in an RFC that updates this one.
> Mike B has already supported this approach; what do others think?

I think that it's a fine approach.

Are we simply going to reference RFC 2818 in defining "reasonable
assurances"?  Maybe with a "Assurances that are considered reasonable
might include the certificate checks defined in RFC 2818, though
additional or alternative checks might be used by clients."
Received on Saturday, 20 February 2016 02:37:55 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:11 UTC