- From: Mike Bishop <Michael.Bishop@microsoft.com>
- Date: Mon, 14 Mar 2016 22:04:07 +0000
- To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
The changes here are not nearly as substantial as in the last version; this officially submits the changes we made based on list feedback following the previous draft. -----Original Message----- From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] Sent: Monday, March 14, 2016 2:58 PM To: Martin Thomson <martin.thomson@gmail.com>; Mike Bishop <Michael.Bishop@microsoft.com> Subject: New Version Notification for draft-thomson-http2-client-certs-02.txt A new version of I-D, draft-thomson-http2-client-certs-02.txt has been successfully submitted by Mike Bishop and posted to the IETF repository. Name: draft-thomson-http2-client-certs Revision: 02 Title: Reactive Certificate-Based Client Authentication in HTTP/2 Document date: 2016-03-14 Group: Individual Submission Pages: 19 URL: https://www.ietf.org/internet-drafts/draft-thomson-http2-client-certs-02.txt Status: https://datatracker.ietf.org/doc/draft-thomson-http2-client-certs/ Htmlized: https://tools.ietf.org/html/draft-thomson-http2-client-certs-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-thomson-http2-client-certs-02 Abstract: Some HTTP servers provide a subset of resources that require additional authentication to interact with. HTTP/1.1 servers rely on TLS renegotiation that is triggered by a request to a protected resource. HTTP/2 made this pattern impossible by forbidding the use of TLS renegotiation. While TLS 1.3 provides an alternate mechanism to obtain client certificates, this mechanism does not map well to usage in TLS 1.2. This document describes a how client authentication might be requested by a server as a result of receiving a request to a protected resource. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
Received on Monday, 14 March 2016 22:04:37 UTC