> > No, it won't make your client-side less secure, it will > possibly make the server-side less sure of who's really > communication with it. > > There's no additional encryption or anything going on when > you use a client certificate, it is "just" an added certificate. >
Thanks for the info - it's easier not to have to manager the client certificate. > > Also, when using a client certificate with libcurl, is > there a way to > > pass it from memory instead of a file? Or is it required by the > > standards that the cert must be in a file? It would make deployment > > simpler if the cert was in a resource inside the executable. > > I agree that it would be nifty to have such a way, but we > have no such API (yet). It has been as for before, so I'm > sure you're not alone in wanting that ability. You up to > working to get it introduced? > Sure, that would be interesting. I'm currently very busy with finalizing my app, but I'll look into it after that. Adrian ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
