- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Sat, 4 May 2013 09:29:27 +0100
- To: Jonas Sicking <jonas@sicking.cc>
- Cc: Adam Barth <w3c@adambarth.com>, WebAppSec WG <public-webappsec@w3.org>, WebApps WG <public-webapps@w3.org>
On Fri, May 3, 2013 at 7:00 PM, Jonas Sicking <jonas@sicking.cc> wrote: > In the Gecko implementation they aren't. Assuming that you mean when with > credentials is set to false? Right, when it's set to false. What's the normative reference for TLS client certificates? https://tools.ietf.org/html/rfc5246#section-7.4.6 maybe? > We also don't reuse keep-alive http connections. Are we talking about persistent connections as per http://tools.ietf.org/html/rfc2616#section-8.1 or the obsolete HTTP/1.0 feature? -- http://annevankesteren.nl/
Received on Saturday, 4 May 2013 08:29:57 UTC