Re: Looking for clarification on reasonable assurance section of RFC 7838 from Martin Thomson on 2023-02-14 (ietf-http-wg@w3.org from January to March 2023)

From: Martin Thomson <mt@lowentropy.net>
Date: Wed, 15 Feb 2023 09:39:00 +1100
To: ietf-http-wg@w3.org
Message-Id: <c84ee5c2-9a8c-44eb-ae05-34f6f61e2618@betaapp.fastmail.com>

On Mon, Feb 13, 2023, at 20:28, Jaikiran Pai wrote:
> Here, the RFC expects that the certificate offered by the origin (in 
> this case "www.example.com") is valid for the origin (www.example.com). 
> Right?

Yes.

It seems like you have a fairly good understanding of this from your other messages.

You might be interested in learning that people are unhappy with certain aspects of Alt-Svc.  We are discussing an alternative design that more heavily leans on the DNS: https://martinthomson.github.io/alt-svcb/draft-thomson-httpbis-alt-svcb.html

Received on Tuesday, 14 February 2023 22:39:37 UTC