this.
-Original Message-
From: TLS On Behalf Of Viktor Dukhovni
Sent: Monday, March 27, 2023 8:08 AM
To: tls@ietf.org
Subject: Re: [TLS] potential security concern regarding the exchange of client
certificates during the TLS handshake process
On Sun, Mar 26, 2023 at 02:18:58AM +, Yannick LaRue
On Sun, Mar 26, 2023 at 02:18:58AM +, Yannick LaRue wrote:
> [...] This means that information such as the client's name, email
> address, and other identifying details are transmitted in cleartext,
> potentially allowing for interception and exploitation by malicious
> actors.
This is true
Dear TLS Working Group,
I am writing to bring to your attention a potential security concern
regarding the exchange of client certificates during the TLS handshake
process. While the use of client certificates for authentication is a useful
security measure, it also presents a risk in terms
