Skip to main content

Secondary Certificate Authentication in HTTP/2

Document Type Expired Internet-Draft (httpbis WG)
Expired & archived
Authors Mike Bishop , Nick Sullivan , Martin Thomson
Last updated 2020-11-16 (Latest revision 2020-05-14)
Replaces draft-bishop-httpbis-http2-additional-certs
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Dead WG Document
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Yes
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


A use of TLS Exported Authenticators is described which enables HTTP/2 clients and servers to offer additional certificate-based credentials after the connection is established. The means by which these credentials are used with requests is defined.


Mike Bishop
Nick Sullivan
Martin Thomson

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)