…rver and all clients support the Server Name Indication (SNI) extension to TLS [RFC6066]. Mail servers supporting the SNI need to support the post-SRV hostname to interoperate with MUAs that have not implemented [RFC6186]. For more discussion of this problem, see Section 5.1 of […

…tion. The TLS Origin-Bound Certificates extension (TLS-OBC) is a TLS extension [RFC6066] that allows clients to use certificate-based client authentication without having to obtain user consent before using certificates. A client creates at most one (self-signed) certificate of a…

…ver and all clients support the Server Name Indication (SNI) extension to TLS [ RFC6066 ]. Mail servers supporting the SNI need to support the post-SRV hostname to interoperate with MUAs that have not implemented [ RFC6186 ]. For more discussion of this problem, see Section 5.1 o…

…tion. The TLS Origin-Bound Certificates extension (TLS-OBC) is a TLS extension [RFC6066] that allows clients to use certificate-based client authentication without having to obtain user consent before using certificates. A client creates at most one (self-signed) certificate of a…

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…

…6] Clients MUST use the Server Name Indication extension in the TLS handshake. [RFC6066] Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handshak…

… client SHOULD use the TLS Certificate Status Request extension ( Section 8 of [RFC6066] ), commonly called "OCSP stapling" to check the revocation status of the public key certificate of the DNS server. OCSP stapling, unlike OCSP RFC6960 ], does not suffer from scale and privacy…

…there is no harm in supporting the TLS Server Name Indication (SNI) extension [ RFC6066 ], this is not necessary since the same function is served in XMPP by the 'to' address of the initial stream header as explained in Section 4.7.2 of [RFC6120] 3.6 . Human Factors It is strongl…

…le, the "cached_info" extension RFC7924 ; certificate compression RFC8879 ; and RFC6066 , which defines the "client_certificate_url" extension allowing DTLS clients to send a sequence of Uniform Resource Locators (URLs) instead of the client certificate. DTLS stacks SHOULD NOT se…

…e 13] RFC 6962 Certificate Transparency June 2013 Request" TLS extension; see [ RFC6066 ]), where the response includes an OCSP extension with OID 1.3.6.1.4.1.11129.2.4.5 (see [ RFC2560 ]) and body: SignedCertificateTimestampList ::= OCTET STRING At least one SCT MUST be included…

…us Protocol (OCSP) Stapling (i.e., Certificate Status Request in Section 8 of [ RFC6066 ), both of which confer substantial performance and privacy benefits when used in combination with SVCB records. To realize the greatest privacy benefits, this proposal is intended for use ove…

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…

…6]. Clients MUST use the Server Name Indication extension in the TLS handshake [RFC6066]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsha…