- From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
- Date: Thu, 30 Jan 2014 01:05:31 +0200
- To: Yoav Nir <synp71@live.com>
- Cc: Martin Thomson <martin.thomson@gmail.com>, "Ludin, Stephen" <sludin@akamai.com>, Mike Belshe <mike@belshe.com>, HTTP Working Group <ietf-http-wg@w3.org>
On Thu, Jan 30, 2014 at 12:38:04AM +0200, Yoav Nir wrote: > On 29/1/14 7:41 PM, Martin Thomson wrote: > > Ilari suggested that some HTTP response will cause the client to > start a new connection. This gets us around the coalescing issue. > But how can the server know that this is a new connection that > should include a certificate? Are we bound to make a new TLS > extension saying "I want to mutually-authenticate" ? Maybe another > SCSV? Either way, I don't see a way to do this without changing TLS > or else forcing everyone to use #2. Oh yeah, the problem is that the client can't properly send a certificate without server sending CertificateRequest first, and sending CertificateRequest seems to have unwanted side effects... So that won't work. -Ilari
Received on Wednesday, 29 January 2014 23:05:55 UTC