From nobody Fri Dec 5 08:05:56 2014 Return-Path: X-Original-To: pkix@ietfa.amsl.com Delivered-To: pkix@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 924351ACEEA; Fri, 5 Dec 2014 08:05:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.277 X-Spam-Level: X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l_pkY6BL3--j; Fri, 5 Dec 2014 08:05:52 -0800 (PST) Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6206F1ACEE2; Fri, 5 Dec 2014 08:05:50 -0800 (PST) Received: by mail-lb0-f182.google.com with SMTP id f15so850415lbj.27 for ; Fri, 05 Dec 2014 08:05:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=bP01U3hW3pQRrqceKcv+mBzoxshrAFhMEM9u2Au6ij4=; b=z5UXXuqMKID/jD2FSmEmAxDk950wX/XXg+dcMcOdx5jT96q1HkW5d8vOGoXOTlYiys qZJuMfCByPnm3OFdR5CXdb5GdsqT7Ik+4zCqAWZs2qgha6PDN4tA+k7awY/VLFlp78Dm o0lIqUHrDxFln9xskCtbA6+sT7lu1BhYuKBrXjrIZE3BFYVU2SNeG86tYi5ric0Oabb+ oggHmzsWrpQV0pcEUH+KZuonnal30Gna3sA+4bFJVlI7Mt3CQw98Djl0l/8a6MoPixQo GZ4JiK4+/lySsU4ltmw1+6iXAf7KaW674WjHEibnyIuCx7b3akZsMs+9JZBARzg59KSR JN8w== MIME-Version: 1.0 X-Received: by 10.112.160.137 with SMTP id xk9mr3550919lbb.99.1417795548760; Fri, 05 Dec 2014 08:05:48 -0800 (PST) Sender: hallam@gmail.com Received: by 10.112.19.42 with HTTP; Fri, 5 Dec 2014 08:05:48 -0800 (PST) Date: Fri, 5 Dec 2014 11:05:48 -0500 X-Google-Sender-Auth: ScrB4ZmkvdirApm0mEwjCLBz7Hg Message-ID: From: Phillip Hallam-Baker To: "pkix@ietf.org" , "tls@ietf.org" Content-Type: multipart/alternative; boundary=001a11c38c700c52bf05097a406b Archived-At: http://mailarchive.ietf.org/arch/msg/pkix/71dl4Mvwn2XnGUabROqXzQZ0M3Q Subject: [pkix] New version of TLS Feature X-BeenThere: pkix@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: PKIX Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Dec 2014 16:05:54 -0000 --001a11c38c700c52bf05097a406b Content-Type: text/plain; charset=UTF-8 https://tools.ietf.org/html/draft-hallambaker-tlsfeature-06 The main difference from the previous one is to reword the processing requirements to state that if you are required to use TLS with a valid certificate because of a protocol specification or security policy requirement the connection has to be refused. It is of course open for the client to chose their course of action in cases where use of TLS is optional. --001a11c38c700c52bf05097a406b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable --001a11c38c700c52bf05097a406b--