From 49db97f646ed68839d9f2d760eca87507514cd01 Mon Sep 17 00:00:00 2001
From: Jackson Morgan <jaxoncreed@gmail.com>
Date: Thu, 27 Jun 2019 10:03:01 -0400
Subject: [PATCH] Brought back TLS as a MAY

---
 README.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/README.md b/README.md
index f3be971..5fa467b 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,8 @@
     * [WebID Profile Documents](#webid-profile-documents)
 4. [Authentication](#authentication)
     * [Primary Authentication](#primary-authentication)
+      * [WebID-OIDC](#webid-oidc)
+      * [WebID-TLS](#webid-tls)
     * [Secondary Authentication: Account
         Recovery](#secondary-authentication-account-recovery)
 5. [Authorization and Access Control](#authorization-and-access-control)
@@ -122,9 +124,25 @@ provider or certificate authority.
 WebID-OIDC is based on the OAuth2/OpenID Connect
 protocols, adapted for WebID based decentralized use cases.
 
+Implementations of WebID-OIDC IDPs for Solid SHOULD implement TLS as a login method
+alongside other login methods such as passwords.
+
 **See component spec:
   [WebID-OIDC Specification](https://github.com/solid/webid-oidc-spec)**
 
+#### WebID-TLS (Optional)
+
+**Note:** Several browser vendors (Chrome, Firefox) have removed support
+for the `KEYGEN` element, on which WebID-TLS relied for in-browser certificate
+generation.
+
+Solid servers MAY implement the [WebID-TLS
+protocol](http://www.w3.org/2005/Incubator/webid/spec/tls/) as one of their
+primary authentication mechanisms.
+
+**See component spec:
+  [Solid WebID-TLS Specification](authn-webid-tls.md)**
+
 ### Secondary Authentication: Account Recovery
 
 Regardless of the primary authentication mechanism, bearer tokens and other