- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Sat, 8 Mar 2014 11:39:12 +0000
- To: HTTP Working Group <ietf-http-wg@w3.org>
Pursuant to our discussion on TLS renegotiation, I've submitted part 1 of the solution I proposed as an internet draft. http://datatracker.ietf.org/doc/draft-thomson-tls-care/ If we agree to a mechanism whereby we augment the 401 status code with a "go away and make a new TLS connection with client authentication", then this is necessary, so that the server knows to request a client certificate. --Martin
Received on Saturday, 8 March 2014 11:39:41 UTC