Client authentication on HTTP/2 over TLS 1.3 from 山本和彦 on 2024-01-16 (ietf-http-wg@w3.org from January to March 2024)

From: 山本和彦 <kazu@iij.ad.jp>
Date: Wed, 17 Jan 2024 08:19:07 +0900 (JST)
To: ietf-http-wg@w3.org
Message-Id: <20240117.081907.1772316278198532805.kazu@iij.ad.jp>

Hello,

RFC8740(Using TLS 1.3 with HTTP/2) forbids TLS 1.3 post-handshake
authentication. And it seems to me that "Secondary Certificate
Authentication in HTTP/2" has been expired.

What is the current recommended way for client-authentication after a
TLS 1.3 connection is established without client authentication?

--Kazu

Received on Tuesday, 16 January 2024 23:19:18 UTC