Re: ACTION-83 HTTPS Client checking of Server Identity from Mary Ellen Zurko on 2007-02-12 (public-wsc-wg@w3.org from February 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Mon, 12 Feb 2007 09:36:57 -0500
To: hlockhar@bea.com
Cc: public-wsc-wg@w3.org
Message-ID: <OF7C1B2EF4.56FAE628-ON85257280.00507FDE-85257280.0050A19C@LocalDomain>

Thanks Hal. 

>    If the hostname does not match the identity in the certificate, user
>    oriented clients MUST either notify the user (clients MAY give the
>    user the opportunity to continue with the connection in any case) or
>    terminate the connection with a bad certificate error. Automated

Does anyone know of any  user oriented client that does/has done this 
(terminate)?

Received on Monday, 12 February 2007 15:07:25 UTC