- From: Ilari Liusvaara <ilariliusvaara@welho.com>
- Date: Mon, 13 Nov 2017 13:05:13 +0200
- To: Nick Sullivan <nicholas.sullivan@gmail.com>
- Cc: Kazuho Oku <kazuhooku@gmail.com>, Mike Bishop <mbishop@evequefou.be>, HTTP Working Group <ietf-http-wg@w3.org>
On Mon, Nov 13, 2017 at 09:29:19AM +0000, Nick Sullivan wrote: > Hi Kazuho, > > Thanks for this. I think you found an issue that we did not consider: the > fact that server support for setting AUTOMATIC_USE in client certificates > may not be desirable for all servers. The CGI case you describe would work > find as long as the client doesn't use AUTOMATIC_USE. I think it is more multiple certificates that causes problems here than AUTOMATIC_USE. (AUTOMATIC_USE has its problems, but those seem to be mostly related to the server becoming confused about what the client actually meant). -Ilari
Received on Monday, 13 November 2017 11:05:44 UTC