I don't quite understand Conserver's SSL support. What is the purpose
of specifying a certificate for a client, if the server cannot use it to
identify a particular user?
How do I tell the client what certificate to expect (or what CA to expect
to have signed it) for the server? If there's no way to do that, then
there is no real protection from using SSL, since it is trivial to conduct
a man-in-the-middle attack using any certificate that one happens to have
handy...
--
Thor Lancelot Simon
Coyote Point Systems, Inc. <tls@coyotepoint.com>
Millerton, NY, USA
_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users
of specifying a certificate for a client, if the server cannot use it to
identify a particular user?
How do I tell the client what certificate to expect (or what CA to expect
to have signed it) for the server? If there's no way to do that, then
there is no real protection from using SSL, since it is trivial to conduct
a man-in-the-middle attack using any certificate that one happens to have
handy...
--
Thor Lancelot Simon
Coyote Point Systems, Inc. <tls@coyotepoint.com>
Millerton, NY, USA
_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users