> > Section 1.1: shouldn't it simply refer to -protocol for terms
> > defined there? I think it makes it more consistent.
> Agree, so we should only leave "TLS client" and "TLS server" to be
> define in
> Syslog/TLS darft, right?
That is my suggestion...
> > Section 4.2:
> > ===
> > Authentication in
> > this specification means that the recipient of a certificate must
> > actually validate the certificate rather than just accept a
> > certificate.
> > ===
> > Is this "must" intentionally in lower case? If so, is this
> Yes, intentionally.
IMHO it is confusing if you use "must" in a non-normative way. If I were
to implement it (and did not know about this discussion), I'd wonder if
I "MUST" validate ... or if the "must" is a suggestion, like a "SHOULD".
Why not use "SHOULD" in the first place?