Hi Simon, On Mon, Jan 19, 2026 at 11:38:11PM +0000, Simon Ser wrote: > Add the PP2_SUBTYPE_SSL_CLIENT_CERT code point reservation in the > proxy protocol specification. This is useful in cases where the > backend needs to perform mTLS authentication, but the rules for > certificate validation are backend-specific (e.g. database of > allowed certificate hashes). > > This is left optional to leave it up to the frontend configuration > to dictate whether to forward raw certificate data. > > Support for this new TLV has been added in tlstunnel: > https://codeberg.org/emersion/tlstunnel/pulls/33 > --- > > Changes in v2: rename to PP2_SUBTYPE_SSL_CLIENT_CERT, add reference > to implementation in commit message.
Perfectly clean! Now applied, thank you! Willy
