Section 1.1: shouldn't it simply refer to -protocol for terms defined
there? I think it makes it more consistent.
this specification means that the recipient of a certificate must
actually validate the certificate rather than just accept a
Is this "must" intentionally in lower case? If so, is this plausible?
Section 4.3.1: typo "tranport"
The server MUST be implemented to support certificate and certificate
I do not think it is a MUST that a server must contain code to generate
certificates. This should be left to the implementation. There is
already the requirement to use certificates, so IMHO it is not the
business of an IETF document to specify how they are provided. For
example, I would provide a helper app with my syslog implementations,
but not include it in the core app - it doesn't belong there.
Other than that, I find the draft is quite acceptable.