- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 11 Mar 2014 09:12:31 +0100
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
Thanks Julian, https://github.com/martinthomson/drafts/commit/bbc206889f1946c6f4f020152bc0f0d4c956e328 On 11 March 2014 08:46, Julian Reschke <julian.reschke@gmx.de> wrote: >> HTTP/2 [I-D.ietf-httpbis-http2] forbids the use of renegotiation, >> except for at the very beginning of a connection. This makes >> addressing some client authentication use cases difficult. > > Not in the referenced version of the draft, right? True, but there doesn't seem to be much point in pursuing this draft if HTTP/2 doesn't make that statement :) >> 2. Client Certificate Challenge >> >> parameters other than "realm". Other parameters MAY be used to >> provide a client with information it can use to select an appropriate >> certificate. Unknown parameters MUST be ignored. > > > Do we need to be more specific? Is there something that could be > standardized here? I thought about that. Maybe someone else can do the definition. For instance, see Henry's use case and my response there.
Received on Tuesday, 11 March 2014 08:13:00 UTC