Hello Hugo, Thanks for the clarification.
On Thu, Aug 25, 2011 at 4:12 PM, Hugo Vazquez Carames <[email protected]>wrote: > > Even if the client -a browser- is able to do it's own OCSP queries, > validation of the client certificate should be done always at the server > side, for security reasons -for example someone trying to use a revoked > client certificate-. You can to it at the CGI level, but it will make life > easier to have the option of configuring it at the Cherokee -web server- > level, like Apache does in their last server version. > Well, in my understanding, it should be implement as an uWSGI, FastCGI or SCGI application. The feature is too specific to be part of a general purpose Web server my default. > Does Cherokee allow -or will allow- to configure an OCSP responder to > validate client certificates? It is certainly not in the roadmap. Actually, I can see the value of having a uWSGI/FastCGI app, but I'm not even sure this is something that should be built-in the web server. If we had the app though, we could provide a Wizard to auto-configure it. -- Greetings, alo http://www.octality.com/
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
