From bfe6cd28170de90b937eef986782cec0960e9a6a Mon Sep 17 00:00:00 2001
From: Bobby Rullo <bobby.rullo@coreos.com>
Date: Thu, 3 Sep 2015 09:56:48 -0700
Subject: [PATCH] Documentation: remove outdated TLS info

---
 Documentation/oidc-notes.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/Documentation/oidc-notes.md b/Documentation/oidc-notes.md
index 02fdce6d..4aec15dd 100644
--- a/Documentation/oidc-notes.md
+++ b/Documentation/oidc-notes.md
@@ -14,9 +14,6 @@ Sec. 2. [ID Token](http://openid.net/specs/openid-connect-core-1_0.html#IDToken)
 Sec. 3. [Authentication](http://openid.net/specs/openid-connect-core-1_0.html#Authentication)
 - Only the authorization code flow (where `response_type` is `code`) is supported.
 
-Sec. 3.1.2. [Authorization Endpoint](http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint)
-- In a production system TLS is required but the dex web-server only supports HTTP right now - it is expected that until HTTPS is supported, TLS termination will be handled outside of dex.
-
 Sec. 3.1.2.1. [Authentication Request](http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)
 - max_age not implemented; it's OPTIONAL in the spec, but if it's present servers MUST include auth_time, which dex does not.
 - None of the other OPTIONAL parameters are implemented with the exception of:
-- 
GitLab