> If client authentication requested by the server, is it MUST to send > the certificate chain along with client certificate? Does RFC > mandates sending certificate chain?
The client is supposed to send the chain up to, but not necessarily
including, the root. Look at teh description of certificate_list at the
top of page 39 of RFC 2246.
/r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/
