Hi Michael, While I agree that it would make sense for us to not be swimming upstream regarding our usage of X.509 certs, alas we are not in a position to change the fundamental model, as this is the way our customer does its business. Denis
On Fri, Jan 30, 2009 at 2:15 PM, Michael Ströder <mich...@stroeder.com> wrote: > Ian G wrote: >> X.509 is a user concept, not a transaction concept. > > Hmm, X.509 certs are simply a strong binding between a name of an entity > and a public key. Machines can be entities too like with server certs. > > Still I'd agree that the original poster should rethink his concept. I'd > probably prefer the X.509-based user authc and lookup the machine on > which the transaction was performed based on other data. > > Ciao, Michael. > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- Annadale Technologies Limited -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto