W3C home > Mailing lists > Public > public-wsc-wg@w3.org > February 2007

Re: ACTION-83 HTTPS Client checking of Server Identity

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Mon, 12 Feb 2007 09:36:57 -0500
Cc: public-wsc-wg@w3.org
Message-ID: <OF7C1B2EF4.56FAE628-ON85257280.00507FDE-85257280.0050A19C@LocalDomain>
To: hlockhar@bea.com 
Thanks Hal. 

>    If the hostname does not match the identity in the certificate, user
>    oriented clients MUST either notify the user (clients MAY give the
>    user the opportunity to continue with the connection in any case) or
>    terminate the connection with a bad certificate error. Automated

Does anyone know of any  user oriented client that does/has done this 
(terminate)?
Received on Monday, 12 February 2007 15:07:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:45 GMT