@daniel well yes, I'm aware about that problem, but I think the best we can do is just restrict that a rigid rules (1.2=cert+uniq, 1.3=cert+exporter) as otherwise you need to bring in signing and verification into stream feature negotiation which are usually working at different layers and not always can use each other's data.