- From: Willy Tarreau <w@1wt.eu>
- Date: Thu, 1 Apr 2021 06:38:11 +0200
- To: Mark Nottingham <mnot@mnot.net>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On Thu, Apr 01, 2021 at 10:26:40AM +1100, Mark Nottingham wrote: > Hello everyone, > > This is a Call for Adoption for 'Client-Cert HTTP Header: Conveying Client Certificate Information from TLS Terminating Reverse Proxies to Origin Server Applications', found at: > https://www.ietf.org/archive/id/draft-bdc-something-something-certificate-05.html > > The intended status of the document would be Informational. Please comment on > whether you support adoption of this document. As always, adoption of a > document is treated as a starting point, and its contents may change as part > of the process. I think that trying to unify the format and rules around this is needed, as plenty of intermediaries are involved in TLS offloading, and once required to pass client-cert, their users do what they think they need instead of doing something safe and reliable. It's also a pain to implement in applications since there's no standard nor even guidelines around this. As such, I do support adoption. Willy
Received on Thursday, 1 April 2021 04:38:30 UTC