dime-0----Page:8
1 2 3 4 5 6 7 8 9 10 11
|
Issue 38: Need to state clearly what transport layer security version should be used Details: We need to clearly call out what kind of ClientHello envelope is to be used during initial TLS negotiation. Status: No activity Issue 39: Need for additional verification of received certificates when using TLS Details: A question was raised if there should be additional validation of received certificates, maybe against the Origin-Host. Status: No activity Notes: A strawman proposal is to use Subject Alternative Name (RFC3280) for certificate verification against Origin-Host |