On Mar 2, 2024, at 1:20 PM, David Mandelberg <david=40mandelberg.org@xxxxxxxxxxxxxx> wrote:

> If it's not feasible to require server authentication before sending Identity-Hint, then maybe at least document what information can be leaked by it and in what circumstances? Or maybe recommend that implementations don't send it by default to unauthenticated servers, but offer a way for the user to override that default?

I believe that Identity-Hint is not useful for server unauthenticated provisioning, and therefore should not be used in that situation.

Alan DeKok.

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call