On Sun, Feb 19, 2023 at 07:39:18AM -0700, Brian Campbell wrote:
> Thank you James, appreciate you taking the time to review the document.
A quick question about the document. I notice that the certifificate
type is implicitly restricted to x509. This means that there isn't a
way for the proxy to use this header to represent RFC7250 raw public
keys.
Is it intended that a different header be used for that purpose? Or
would it make sense to signal the certificate type value and then the
certificate, allowing other certificate types to be encoded (just as in
the TLS certificate message, after first negotiating the type via a
separate extension)?
--
Viktor.
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
