W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

FYI: proposal for client authentication in TLS

From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 8 Mar 2014 11:39:12 +0000
Message-ID: <CABkgnnU1RMHN8sGsRc_KSw3+EutZnrrb-N=WpzP5wuqQ-ECe7Q@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Pursuant to our discussion on TLS renegotiation, I've submitted part 1
of the solution I proposed as an internet draft.

http://datatracker.ietf.org/doc/draft-thomson-tls-care/

If we agree to a mechanism whereby we augment the 401 status code with
a "go away and make a new TLS connection with client authentication",
then this is necessary, so that the server knows to request a client
certificate.

--Martin
Received on Saturday, 8 March 2014 11:39:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC