Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renegotiation and Client-Cert #1519

Closed
MikeBishop opened this issue May 24, 2021 · 0 comments · Fixed by #1897
Closed

Renegotiation and Client-Cert #1519

MikeBishop opened this issue May 24, 2021 · 0 comments · Fixed by #1897
Labels
client-cert-field

Comments

@MikeBishop
Copy link
Contributor

@b---c wrote:

TODO: HTTP2 forbids TLS renegotiation and post-handshake authentication but it's
possible with HTTP1.1 and maybe needs to be discussed explicitly here or
somewhere in this document? Naively I'd say that the Client-Cert header will
be sent with the data of the most recent client cert anytime after renegotiation
or post-handshake auth. And only for requests that are fully covered by the cert
but that in practice making the determination of where exactly in the
application data the cert messages arrived is hard to impossible so it'll be a
best effort kind of thing.
@b---c b---c mentioned this issue Jun 10, 2021
Merged
b---c added a commit that referenced this issue Jun 10, 2021
@b---c
Merge pull request #1523 from httpwg/cert/todo_to_issue
4acb433 
Remove TODOs and convert them to issues #1519 #1520 #1521 and #1522
b---c pushed a commit that referenced this issue Jan 20, 2022
@bc-pi
painful words in an attempt to explain renegotiation's applicability …
06efc29 
…with client-cert header to fix #1519
@b---c b---c mentioned this issue Jan 20, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
client-cert-field
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

client-cert header and renegotiation httpwg/http-extensions
1 participant
@MikeBishop