Re: [whatwg/fetch] Clarification on CORS preflight fetches for TLS client certificates (#869) from sleevi on 2019-02-11 (public-webapps-github@w3.org from February 2019)

From: sleevi <notifications@github.com>
Date: Mon, 11 Feb 2019 13:17:17 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/869/462497771@github.com>

@mozkeeler Thanks! I was initially confused by a [misleading comment](https://dxr.mozilla.org/mozilla-central/rev/c2593a3058afdfeaac5c990e18794ee8257afe99/security/nss/lib/ssl/ssl3con.c#7391) in the NSS code, but yeah, it does look like for TLS 1.0+, it [sends an empty cert](https://dxr.mozilla.org/mozilla-central/rev/c2593a3058afdfeaac5c990e18794ee8257afe99/security/nss/lib/ssl/ssl3con.c#7382,7391,7434,7436-7438)



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/869#issuecomment-462497771

Received on Monday, 11 February 2019 21:17:39 UTC