- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 22 Oct 2015 14:03:27 -0700
- To: Kyle Rose <krose@krose.org>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 22 October 2015 at 11:11, Kyle Rose <krose@krose.org> wrote: > The way in which this is relevant is that it would be nice to present the > user a better error than "ssl_error_handshake_failure_alert" in the case of > an expired or missing certificate. That is a choice the server makes. The server is perfectly able to complete a handshake and then deny the HTTP request. I know that many do not because that's more work to do right, but it's an option. I wouldn't interpret this as a defense of the client certificate UX in browsers. But I don't expect that to change significantly, our UX people have a lot of work to do, most of it much more important than this.
Received on Thursday, 22 October 2015 21:03:56 UTC