Skip to main content

Secondary Certificate Authentication in HTTP/2

Document Type Expired Internet-Draft (httpbis WG)
Authors Mike Bishop , Nick Sullivan , Martin Thomson
Last updated 2020-11-16 (Latest revision 2020-05-14)
Replaces draft-bishop-httpbis-http2-additional-certs
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream WG state Dead WG Document
Associated WG milestone
Submit Secondary Certificates
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Yes
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:


A use of TLS Exported Authenticators is described which enables HTTP/2 clients and servers to offer additional certificate-based credentials after the connection is established. The means by which these credentials are used with requests is defined.


Mike Bishop
Nick Sullivan
Martin Thomson

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)