On Thu, Jun 06, 2002 at 02:51:57PM -0400, Jeffrey Altman wrote: > Verifying the client certificate is only half the issue. The other > half is deciding whether or not the holder of the cert is authorized > to access the service and with what user name(s).
> > This requires more than simply checking to see if the client cert can > be validated by a CA Root cert. Yes, this is true. But many applications only needed it. ./nelson -murilo ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]