From: Charles D. <cd...@sp...> - 2007-01-08 17:31:12
Faidon Liambotis wrote:
> Another reason to do it is because it's the obvious thing to do:
> -not-required doesn't mean -do-not-check/-ignored, it means "I will not
> fail if you don't provide it but I will fail if provide one that I can't
> verify", IMHO.

Checking the certificate only if present and treating it as successful should it not be present adds no real (non-illusory) security over not checking the certificate at all. Leading people to believe that they have some additional certificate-provided level of security when using certificates in conjunction with client-cert-not-required is thus the Wrong Thing as opposed to making it clear that there is no certificate-related security provided when client-cert-not-required is in use.

Also, modifying the code to add an illusory level of security is more work than not having that (illusory-only) security at all.