On Fri, Sep 15, 2017 at 8:42 AM, Jeffrey Walton <noloa...@gmail.com> wrote: > The current models uses origins as a boundary, so they are different > security contexts.
That's not relevant here. A certificate allows a server to speak for multiple origins. The notion of an origin is, as you say, established at a higher layer. TLS establishes a broader notion of identity. If you are interested in what origins a server might be authoritative for and how those might be managed, see http://httpwg.org/http-extensions/origin-frame.html _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
