Should FTPS do hostname verification? (Where you check the hostname you're connecting to against the CN value of the certificate).
Here's an implementation in HttpClient if you're interested: http://svn.apache.org/viewvc/jakarta/httpcomponents/httpclient/trunk/src/java/org/apache/http/conn/ssl/HostnameVerifier.java?view=markup I have a small fix I'd like to make to that code, though: https://issues.apache.org/jira/browse/HTTPCLIENT-617 I'll try and do that within the next 3 days. -- yours, Julius Davies 416-652-0183 http://juliusdavies.ca/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]