+1 to Justin's and Brian's comments, I am interested to contribute and I
will try and be there in person as well
Hans.
On Tue, Oct 29, 2019, 22:56 Brian Campbell wrote:
> +1 to pretty much everything Justin said there.
>
> With some facilitating assistance from Ben it looks like there's now an
Hello chairs,
I would like to request time to discuss these two items:
https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-04
https://tools.ietf.org/html/draft-parecki-oauth-client-intermediary-metadata-00
I will be attending in person. Thanks!
Aaron Parecki
aaronparecki.com
@
+1 to pretty much everything Justin said there.
With some facilitating assistance from Ben it looks like there's now an
agenda slot for this in the upcoming secdispatch meeting in Singapore. I'll
attempt to articulate the situation and see if there's interest in finding
a home for the perspective
I would argue that making this standard would actually increase the likelihood
of developers getting this right, as now instead of following some copy-pasted
recipe for NGINX or Apache that they found on the web, they could turn on a
standard setting that would take care of both stripping out in
I mean the cert that the ORIGINAL client presented to the proxy.
From: Rifaat Shekh-Yusef
Date: Tuesday, October 29, 2019 at 7:57 AM
To: Rich Salz
Cc: Neil Madden , Brian Campbell
, oauth
Subject: Re: [OAUTH-WG] client certs and TLS Terminating Reverse Proxies (was
Re: I-D Action: draft-ietf-
Maybe I misunderstood what you meant by "client-cert". If you meant the
proxy client certificate, then that is obviously not enough. You seem to
suggest that you meant the remote client certificate to be installed on the
proxy to be used with the backend system; if this is the case, then this
would
