From a3c410b3fbe9de1feeb17851f9d4b11076cfbbe6 Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini Date: Tue, 13 Dec 2016 23:22:46 +0000 Subject: [PATCH] Server can authenticate client, not itself --- draft-ietf-quic-tls.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md index 61de39cedd..e2ca655860 100644 --- a/draft-ietf-quic-tls.md +++ b/draft-ietf-quic-tls.md @@ -204,7 +204,7 @@ when the DH keys are destroyed. After completing the TLS handshake, the client will have learned and authenticated an identity for the server and the server is optionally able to -learn and authenticate an identity for the server. TLS supports X.509 +learn and authenticate an identity for the client. TLS supports X.509 certificate-based authentication {{?RFC5280}} for both server and client. The TLS key exchange is resistent to tampering by attackers and it produces