What's left to doo on NTS

[Hal Murray]

Gary said:
>> Otherwise, either do full validation or don't bother with NTS
>> at all. Pinning counts as full validation.

> I'd be happy if we had per host pinning instead of "noval". 

How is per-host pinning normally implemented?

We have the option to use a local file of trusted/root certificates.  Can you 
easily get one per host to put in there?


-- 
These are my opinions.  I hate spam.