Suppose someone refutes that they have sent information to a Web site owner, how is the Web site owner to prove that the information was in fact received and that it was signed with a given key?
To do this, the Web site owner would presumably need to be able to produce the still-encrypted post as sent by the user, but from a quickish reading of the mod_ssl reference, I don't see any way to log this information. Andrew McNaughton ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
