On Wed, Oct 23, 2019 at 2:11 PM Brian Campbell <bcampb...@pingidentity.com> wrote: > I agree with Ben here that it's not at all clear that the OAuth MTLS document > should have defined a protocol from proxy to backend.
Shouldn't it at least normalitvely reference some other spec then? If that reference is not defined before this draft is finalized, one could say they comply with the final mTLS spec but in a non-interoperable way. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
