Re: [OAUTH-WG] client certs and TLS Terminating Reverse Proxies (was Re: I-D Action: draft-ietf-oauth-jwt-introspection-response-08.txt)

Salz, Rich Mon, 28 Oct 2019 09:49:34 -0700

Sorry for jumping into this late.

Client <--> proxy <--> backend


The C/P side is protected by TLS.  There must be similar protection on the P/B 
side, such as client-cert, or a signature over the certificate being forwarded, 
right?

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] client certs and TLS Terminating Reverse Proxies (was Re: I-D Action: draft-ietf-oauth-jwt-introspection-response-08.txt)

Reply via email to