Re: Follow-up on draft-ietf-netconf-http-client-server from Kent Watsen on 2020-07-23 (ietf-http-wg@w3.org from July to September 2020)

From: Kent Watsen <kent+ietf@watsen.net>
Date: Thu, 23 Jul 2020 21:24:04 +0000
To: Ben Schwartz <bemasc@google.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>, "netconf-chairs@ietf.org" <netconf-chairs@ietf.org>
Message-ID: <010001737d8fd2a0-48a56328-5a22-4a27-afb7-1729d16e0fe5-000000@email.amazonses.co>

Thanks Ben!

Noted: client-auth not always mandatory for web proxies.

Cheers,
Kent


> On Jul 23, 2020, at 2:06 PM, Ben Schwartz <bemasc@google.com> wrote:
> 
> --00000000000070ddee05ab1fb7ab
> Content-Type: text/plain; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
> 
> No, it's entirely common to operate a Web Proxy that does not require or
> perform any HTTP or TLS client authentication.  Typically, this is because
> authorization is implicit from the network topology, and the proxy is only
> reachable by authorized users.
> 
> On Thu, Jul 23, 2020 at 11:24 AM Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>> wrote:
> 
>> 
>> TL;DR;  Is client-auth to a web proxy mandatory?
>> 
>> Thanks,
>> Kent
>> 
>> 
>> On Jul 21, 2020, at 12:40 PM, Kent Watsen <kent+ietf@watsen.net> wrote:
>> 
>> Thank you all for your earlier comments regarding
>> draft-ietf-netconf-http-client-server
>> <https://tools.ietf.org/html/draft-ietf-netconf-http-client-server <https://tools.ietf.org/html/draft-ietf-netconf-http-client-server>>.
>> 
>> The draft is now almost ready for WGLC (which will be CC-ed here as well)=
> ,
>> but there remains one item for which your guidance is needed (see bottom)=

Received on Thursday, 23 July 2020 21:24:17 UTC