diff --git a/credentials/credentials_test.go b/credentials/credentials_test.go
index 843b99acee3f..32ed57d99d42 100644
--- a/credentials/credentials_test.go
+++ b/credentials/credentials_test.go
@@ -475,6 +475,7 @@ func (s) TestParseSpiffeID(t *testing.T) {
 t.Run(tt.name, func(t *testing.T) {
 info := TLSInfo{
 State: tls.ConnectionState{PeerCertificates: []*x509.Certificate{{URIs: tt.urls}}}}
+ // fmt.Println(info.State.PeerCertificates[0])
 err := info.ParseSpiffeID()
 if got, want := err != nil, tt.expectError; got != want {
 t.Errorf("want expectError = %v, but got expectError = %v, with error %v", want, got, err)
diff --git a/credentials/tls.go b/credentials/tls.go
index 005fba93a6d4..4691ec8eadb3 100644
--- a/credentials/tls.go
+++ b/credentials/tls.go
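Review bot: The added `// fmt.Println(info.State.PeerCertificates[0])` is a leftover debug statement and should be dropped rather than committed; commented-out code tells the next reader nothing and, if ever uncommented, pulls `fmt` into the test's imports for a print. Separately, the test body still calls `info.ParseSpiffeID()` while the second hunk of this diff deletes that method from credentials/tls.go, so unless it has been re-added in another file of the package outside this view, `TestParseSpiffeID` no longer compiles and the SPIFFE ID validation it exercises (the 2048-byte total-length and 255-byte trust-domain limits, rejection of an empty host or path, the scheme/opaque/userinfo filter) loses its only visible coverage. If that validation moved, the test should call the new entry point; if it was intentionally dropped, the test should go with it rather than be left referencing a removed symbol. The enclosing TestParseSpiffeID function starts and ends outside the hunk.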
@@ -55,42 +55,6 @@ func (t TLSInfo) GetSecurityValue() ChannelzSecurityValue {
 return v
 }
 
-// ParseSpiffeID parses the Spiffe ID from State and fill it into SpiffeID.
-// An error is returned only when we are sure Spiffe ID is used but the format
-// is wrong.
-func (t *TLSInfo) ParseSpiffeID() error {
- if len(t.State.PeerCertificates) == 0 || len(t.State.PeerCertificates[0].URIs) == 0 {
- return nil
- }
- spiffeIDCnt := 0
- var spiffeID url.URL
- for _, uri := range t.State.PeerCertificates[0].URIs {
- if uri == nil || uri.Scheme != "spiffe" || uri.Opaque != "" || (uri.User != nil && uri.User.Username() != "") {
- continue
- }
- // From this point, we assume the uri is intended for a Spiffe ID.
- if len(uri.Host)+len(uri.Scheme)+len(uri.RawPath)+4 > 2048 ||
- len(uri.Host)+len(uri.Scheme)+len(uri.Path)+4 > 2048 {
- return fmt.Errorf("invalid SPIFFE ID: total ID length larger than 2048 bytes")
- }
- if len(uri.Host) == 0 || len(uri.RawPath) == 0 || len(uri.Path) == 0 {
- return fmt.Errorf("invalid SPIFFE ID: domain or workload ID is empty")
- }
- if len(uri.Host) > 255 {
- return fmt.Errorf("invalid SPIFFE ID: domain length larger than 255 characters")
- }
- // We use a default deep copy since we know the User field of a SPIFFE ID is empty.
- spiffeID = *uri
- spiffeIDCnt++
- }
- // A standard SPIFFE ID should be unique. If there are more, we don't raise
- // any errors but simply not plumbing any of them.
- if spiffeIDCnt == 1 {
- t.SpiffeID = &spiffeID
- }
- return nil
-}
-
 // tlsCreds is the credentials required for authenticating a connection using TLS.
 type tlsCreds struct {
 // TLS configuration