- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Fri, 19 Feb 2016 18:37:26 -0800
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP WG <ietf-http-wg@w3.org>
On 19 February 2016 at 18:16, Mark Nottingham <mnot@mnot.net> wrote: > The remaining question (3 in the issue) is whether we should firm up the definition of "reasonable assurances" to require another way of achieving that to be documented in an RFC that updates this one. > > Mike B has already supported this approach; what do others think? I think that it's a fine approach. Are we simply going to reference RFC 2818 in defining "reasonable assurances"? Maybe with a "Assurances that are considered reasonable might include the certificate checks defined in RFC 2818, though additional or alternative checks might be used by clients."
Received on Saturday, 20 February 2016 02:37:55 UTC