Mutual TLS (mTLS)

## Proposal 

I would like to propose that the CG pursue standardization of Mutual TLS authentication in the `fetch` API.

This is a feature that is not likely to be implemented by browser runtimes but is in my opinion missing in non-browser runtimes where `fetch` is the only interoperable HTTP client.

The use-case I have in mind is implementation of OAuth [mTLS Client Authentication](https://www.rfc-editor.org/rfc/rfc8705.html#name-mutual-tls-for-oauth-client) and [Client Certificate-Bound Access Tokens](https://www.rfc-editor.org/rfc/rfc8705.html#name-mutual-tls-client-certifica).

## Prior Art

**Node.js** - [`https` module](https://nodejs.org/api/https.html#httpsgetoptions-callback) has the option to provide the `cert`, `key`, `crl`, `passphrase`, `pfx`, and `ca` options.

**Deno** - using `deno --unstable` there's `Deno.createHttpClient`, the result of which can be passed as a `client` property to `fetch`'s `init` argument. This method accepts `certChain`, `privateKey`, and `caCerts` options.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Mutual TLS (mTLS) #3

Proposal

Prior Art

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Mutual TLS (mTLS) #3

Description

Proposal

Prior Art

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions