Document Action: 'Client-Cert HTTP Header Field' to Informational RFC (draft-ietf-httpbis-client-cert-field-06.txt)
The IESG <iesg-secretary@ietf.org> Fri, 17 March 2023 18:34 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id F2308C15DD6A; Fri, 17 Mar 2023 11:34:37 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Document Action: 'Client-Cert HTTP Header Field' to Informational RFC (draft-ietf-httpbis-client-cert-field-06.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 9.15.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, draft-ietf-httpbis-client-cert-field@ietf.org, francesca.palombini@ericsson.com, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, mnot@mnot.net, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <167907807796.34115.8991735834855247511@ietfa.amsl.com>
Date: Fri, 17 Mar 2023 11:34:37 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/isEIZtkAcbiavRJOyVT5eebW3Qg>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Mar 2023 18:34:38 -0000
The IESG has approved the following document: - 'Client-Cert HTTP Header Field' (draft-ietf-httpbis-client-cert-field-06.txt) as Informational RFC This document is the product of the HTTP Working Group. The IESG contact persons are Murray Kucherawy and Francesca Palombini. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-httpbis-client-cert-field/ Technical Summary This document describes HTTP extension header fields that allow a TLS terminating reverse proxy to convey the client certificate information of a mutually-authenticated TLS connection to the origin server in a common and predictable manner. Working Group Summary This document enjoyed relatively widespread discussion in the group. The specification is documenting and consolidating current practice that's fairly widespread. During the call for adoption, some expressed concern about whether this is actually a practice we want to recommend, from a security perspective. The resolution of that discussion was to publish as Informational, rather than Standards Track. Document Quality There are many implementations that use the same pattern; this specification attempts to consolidate them into one approach on the wire. It has not had external reviews, but there has been active participation from folks from the Security area. Personnel Document Shepherd: Mark Nottingham Responsible Area Director: Francesca Palombini