On Mon, Oct 23, 2023 at 12:26:03PM -0400, David Benjamin wrote: > > So in my mind this is something that will (almost) never be sent by > browsers. > > What cases would the "(almost)" kick in? This extensions model just doesn't > match how client certificates work in browsers. I'm not seeing any > interpretation beyond "always send" or "never send".
Explicit configuration to send this for some names/domains. Needed for some "enterprise" use cases (can also pop up in much smaller corporate contexts). -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
