>>>>> "Ben" == Ben Laurie <[EMAIL PROTECTED]> writes:
>> TLS Client AUthentication
>>
>> Your taxonomy assumes that TLS is a valid approach to client
>> authentication. As I understand HTTP, that is only true
>> assuming there are no proxies between the user and the RP.
Ben> HTTP proxies support the CONNECT method for this (all they do
Ben> is copy the raw connection data in both directions). Note
Ben> that if proxies didn't do this, then server authentication
Ben> would also be impossible.
I'm sorry, I mean no non-connect based proxies.
I.E. proxies that are HTTP hops.
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
