From 12fc50cea785d0f071fd29c8cd2ea153a360f1de Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 8 Jan 2019 11:03:36 +0000 Subject: [PATCH] clarify that a whitelist is useful for cjdns too --- proposals/1711-x509-for-federation.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/proposals/1711-x509-for-federation.md b/proposals/1711-x509-for-federation.md index 43fd9657b..4eda65efc 100644 --- a/proposals/1711-x509-for-federation.md +++ b/proposals/1711-x509-for-federation.md @@ -79,9 +79,8 @@ private federation using their own CA. It would also be useful for administrators to be able to disable the certificate checks for a whitelist of domains/netmasks. This would be useful -for `.onion` domains (where a certificate is hard to obtain, and where server -verification is provided at the network level), as well as for testing with IP -literals. +for testing, or for networks that provide server verification themselves, +such as like `.onion` domains on Tor or `fc00::/8` IPs on cjdns. ### Interaction with SRV records