…le, the "cached_info" extension RFC7924 ; certificate compression RFC8879 ; and RFC6066 , which defines the "client_certificate_url" extension allowing DTLS clients to send a sequence of Uniform Resource Locators (URLs) instead of the client certificate. DTLS stacks SHOULD NOT se…

…e 13] RFC 6962 Certificate Transparency June 2013 Request" TLS extension; see [ RFC6066 ]), where the response includes an OCSP extension with OID 1.3.6.1.4.1.11129.2.4.5 (see [ RFC2560 ]) and body: SignedCertificateTimestampList ::= OCTET STRING At least one SCT MUST be included…

…us Protocol (OCSP) Stapling (i.e., Certificate Status Request in Section 8 of [ RFC6066 ), both of which confer substantial performance and privacy benefits when used in combination with SVCB records. To realize the greatest privacy benefits, this proposal is intended for use ove…

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…

…6]. Clients MUST use the Server Name Indication extension in the TLS handshake [RFC6066]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsha…

… there is no harm in supporting the TLS Server Name Indication (SNI) extension [RFC6066], this is not necessary since the same function is served in XMPP by the 'to' address of the initial stream header as explained in Section 4.7.2 of [RFC6120]. 3.6. Human Factors It is strongly…

…services over plain HTTP (e.g., the "Certificate Status Request" TLS extension [RFC6066], often colloquially referred to as "OCSP Stapling"). NOTE: The above points are expressly only an example and do not purport to address all the involved complexities. For instance, there are …

…ervices over plain HTTP (e.g., the "Certificate Status Request" TLS extension [ RFC6066 ], often colloquially referred to as "OCSP Stapling"). NOTE: The above points are expressly only an example and do not purport to address all the involved complexities. For instance, there are…

…y a domain name DNS-TERMS ), clients MUST send the Server Name Indication (SNI; RFC6066 ) TLS extension unless an alternative mechanism to indicate the target host is used. QUIC connections are established as described in QUIC-TRANSPORT . During connection establishment, HTTP/3 s…

…ervices over plain HTTP (e.g., the "Certificate Status Request" TLS extension [ RFC6066 ], often colloquially referred to as "OCSP Stapling"). NOTE: The above points are expressly only an example and do not purport to address all the involved complexities. For instance, there are…

…ng the TLS handshake. This may be done using the Server Name Indication (SNI) [ RFC6066 ] extension to TLS or using some other mechanism. QUIC connections are established as described in [ QUIC-TRANSPORT ]. During connection establishment, HTTP/QUIC support is indicated by select…

…y a domain name DNS-TERMS ), clients MUST send the Server Name Indication (SNI; RFC6066 ) TLS extension unless an alternative mechanism to indicate the target host is used. QUIC connections are established as described in QUIC-TRANSPORT . During connection establishment, HTTP/3 s…

…there is no harm in supporting the TLS Server Name Indication (SNI) extension [ RFC6066 ], this is not necessary since the same function is served in XMPP by the 'to' address of the initial stream header as explained in Section 4.7.2 of [RFC6120] 3.6 . Human Factors It is strongl…

… domain name ([DNS-TERMS]), clients MUST send the Server Name Indication (SNI; [RFC6066]) TLS extension unless an alternative mechanism to indicate the target host is used. QUIC connections are established as described in [QUIC-TRANSPORT]. During connection establishment, HTTP/3 …

…]. Clients MUST use the Server Name Indication extension in the TLS handshake [ RFC6066 ]. Once a connection to the server has been established (including a connection via a proxy or over a TLS-encrypted tunnel), the client MUST send an opening handshake to the server. The handsh…