I already posted this question in [EMAIL PROTECTED] , got no answer so far. What mailing-list is the most suited to deal with SSL issues, mostly apache-ssl points? httpd.apache.org does adress some of the issues, mod_ssl mailing list seems not to be very popular, thought openssl was dealing with only openssl issues, but it seems to be also about mod_ssl... Here is my point : I have an application protected by client certificate authentication. I would like to let the user have a user-friendly way to change his authentication certificate, let's say he chooses to authenticate with certificate A, then a ssl handshake occurs and an ssl V3 session is set up. What if the user change his mind and wants to authenticate with certificate B. The working solution is to make him close all his open browser windows, restart his browser and reconnect to the page, then he will be asked again to present a certificate and will be able to present certificate B. Is there a simpler way for the user to ask him again to authenticate and to let him choose a different certificate? For a login/password type of authentication, you always have the choice to click on a Log out link that kills your session, and give you a chance to authenticate again with a different login/pwd. Can we imagine with client certificate authentication a same kind of way to log out and to authenticate with a different user. On IE, there is a button in Tools / Internet Options / Content, called Clear SSL Cache, that does a similar action than a log out button, I haven't been able to find a similar button on Mozilla-like browsers... Do you know of any button of his kind on Mozilla ? This would enable logging out from a client initiative. >From a server perspective : is it possible to send a signal to apache mod_ssl to tell >him to close the SSL session, so that the client goes back to an unauthenticated >session. If he wants to access a proctected page again, he would have a choice of >choosing a different certificate. Thanks for any ideas, cheers. Nicolas.
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
