W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: New Version Notification for draft-nottingham-http2-encryption-00.txt

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Mon, 7 Oct 2013 08:57:57 -0700
Message-ID: <CAPik8ya98OE7g6+Jygp+Xp0FiT+Q80r9HUt0kG4Pznk057UhNQ@mail.gmail.com>
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: Mark Nottingham <mnot@mnot.net>, Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
If Mike's right, then the HTTP server needs to know *three* things from the
TLS layer:
1) Whether or not the client authenticated
2) If (1) is true, whether there is a host name was in the cert's identity
3) If both (1) and (2) are true, what the host name is
That seems like a lot of unstated assumptions.
Received on Monday, 7 October 2013 15:58:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:18 UTC