Re: Client certificates in HTTP/2 from Martin Thomson on 2015-06-09 (ietf-http-wg@w3.org from April to June 2015)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 9 Jun 2015 15:15:42 -0700
To: Adrien de Croy <adrien@qbik.com>
Cc: Mike Bishop <Michael.Bishop@microsoft.com>, Yoav Nir <ynir.ietf@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnXWYjE6PQP25NMQiMOUH_dVY-rLFVfX6cG_PQ9pL0CSLA@mail.gmail.com>

On 9 June 2015 at 14:34, Adrien de Croy <adrien@qbik.com> wrote:
> a) always -> let's tell every site we have a client cert

I think that this is the only sensible option.  But it wouldn't tell
sites that you have a cert, because you would send it unconditionally,
even if you didn't have a cert.

Received on Tuesday, 9 June 2015 22:16:10 UTC