On 3/4/21 9:57 AM, Phillip Hallam-Baker wrote:
It is really rare that people try to use TLS without Internet connectivity.
That might be due in part to the association, in practice, of TLS with verification of DNS names in server certificates.
There are lots of applications (including but not limited to ordinary web browsers and servers) running on disconnected and intermittently-connected networks out there that need encryption, and which can't practically use TLS, because they don't use DNS or even host files. But it's not a limitation of the TLS protocol so much as of the APIs and the code that does certificate verification.
