On Thu, Dec 10, 2020, at 14:30, Sean Turner wrote: > OLD: > > The application layer protocol > used to send the authenticator request SHOULD use TLS as its > underlying transport to keep the request confidential > > NEW: > > The application layer protocol > used to send the authenticator request SHOULD use a secure > channel with equivalent security to TLS, such as > QUIC [ID.draft-ietf-quic-tls], as its underlying transport > to keep the request confidential Hi Sean, Any reason this can't become a MUST now? Once you require comparable channel security, a stronger requirement seems pretty reasonable. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
