* Magnus Hagander:
> But no, it wouldn't be bad if there was a way to specify exactly which
> cert is used. Or at least validate the common name of it agains the
> hostname of the server.
SSH-like "leap of faith" authentication would be even better. Store
the certificate on the first connection (together with the domain
name), and refuse subsequent connections if the certificate changes.
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
