There are certainly use cases for self-signed certificates (althoug no good ones from a security perspective). But as I said, the Objective-CMIs lib perfectly supports these use cases in the authentication provider, there is no need to extend the HTTPRequest classes by an additional parameter. So the right place to implement such a feature is in an authentication provider and if there is concern that developers might struggle doing so we could either provide sample code for this or enhance the default provider (which I obviously would not prefer, but this is still the better option as you can completely swap out this (dangerous) provider and get back to a secure system).
How about that for a proposal? Peter
