On Fri, Oct 25, 2019 at 10:02:41AM -0400, Rifaat Shekh-Yusef wrote: > You might want to look at RFC7239, which is trying to address the issue of > the loss of information by proxies. > https://tools.ietf.org/html/rfc7239 > > The document does not have a parameter to carry the client certificate > information, but it allows for new parameters to be defined. > > Would that help in this case?
That is interesting and related, though the proposed work I remember hearing about recently is not quite in the same space. Specifically, it wanted to have a secure protocol between proxy and backend, and it's not clear that reusing https for that is the right thing. -Ben _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth