- From: Watson Ladd <watsonbladd@gmail.com>
- Date: Thu, 12 Oct 2023 11:50:38 -0700
- To: David Schinazi <dschinazi.ietf@gmail.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
I think I side with Martin Thompson's last sentence: there's two proposals to do very similar things, are we sure they can't be aligned? But I guess we've concluded we can't. In particular the analysis of the HTTP unprompted auth that needs to happen is pretty similarly complex to the one for exported authenticators. It does seem like the issues with the TLS key material exporter would remain: I'd love to know what specifically they are so I can hopefully hack on a solution. Sincerely, Watson -- Astra mortemque praestare gradatim
Received on Thursday, 12 October 2023 18:50:54 UTC