|
On Mon, 12 Jan 2004 18:02:53 -0600 Patrick Botz <botz@xxxxxxxxxx> wrote: > --snip-- > Brad, > "SSL with Client authentication" is when the server, > after authenticating > to the client, turns around and challenges the client to > prove that the > client is who it/he/she claims to be. The client also > presents a digital > certificate to the server for authentication. Client > authentication happens > after the SSL connection is set up and is not technically > part of the SSL > handshake. That is why it is called SSL with client > authentication. > I think the biggest problem understand this is when and where do we install certificates, and who creates them. It sounds like, in your description, either the client creates a cert to validate itself to the server on the fly, or prior to communications the server must install a cert provided by the client for authentication, as well as the client machine installing a cert from the server. See, even that sounds confusing. :) See where I'm going with this? In this case, myself, the client, has installed a cert provided by the server side. That's it. Should there be more setup?
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
