W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: FYI: proposal for client authentication in TLS

From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 8 Mar 2014 15:58:33 +0000
Message-ID: <CABkgnnXdiR64n8=rLzxtVNwzmJASFwQ9WFiyJytiXpiqeNTS5A@mail.gmail.com>
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 8 March 2014 15:56, Ilari Liusvaara <ilari.liusvaara@elisanet.fi> wrote:
> IIRC, for certificate selection, TLS sends DNs of acceptable certificate
> authorities. Of course, that won't help with self-signed client
> certificate...

True.  In cases where clients use self-signed certificates they have
a-priori knowledge, or something bound to the domain name or origin of
the server, that they use to select these certificates.
Received on Saturday, 8 March 2014 15:59:00 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC