Well, the interface implementation to authorize authenticated clients is
optional. Static http content servers don't necessarily have to keep track of
their clients yet want a secure channel to transmit content choices privately.
I'm primarily addressing application servers like google mail, your bank, etc.
The ones who need authentication.
Karl
________________________________
From: Randy Bush <[email protected]>
To: Karl Malbrain <[email protected]>
Cc: perpass <[email protected]>
Sent: Friday, September 13, 2013 3:17 PM
Subject: Re: [perpass] proposed enhancement to TLS strong authentication
protocol
> Most https protected channels are to servers with some sort of agency
> on behalf of the client.
not today, and less and less in the future if the efforts here make
progress
randy
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
