Isn't mod_ssl used solely for HTTPS (browser-server encryption)? I would like to use PKI for user authentication like you can in SSH on top of the encryption provided by HTTPS. The most secure option I see available for web authentication currently is OTP tokens (RSA,etc) that only work on one web site.
thanks, -rob On Sat, Nov 20, 2010 at 5:37 AM, Graham Leggett <[email protected]> wrote: > > Is there anything here that isn't already done by X509 client certificates, > as offered by mod_ssl? > > Regards, > Graham
