On Wed, 22 Aug 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> Ideally, we should be verifying for a failed Client authentication soon
> after an SSL_accept, and a connection closed accordingly.
ok, that's in, thanks.
> The stuff that's being done in ssl_hook_Access is mostly to ensure that the
> certificate has proper permissions to access that location. It's mostly
> concerned with the "SSLRequire" parameter.
also for per-location client auth (SSLVerify*). it would also handle
per-server SSLVerify too, but triggers renegotiation, which it shouldn't
now with your patch in.