On Tue, May 07, 2002 at 03:55:08AM +1200, Andrew McNaughton wrote:
>
> Suppose someone refutes that they have sent information to a Web site
> owner, how is the Web site owner to prove that the information was in
> fact received and that it was signed with a given key?
>
> To do this, the Web site owner would presumably need to be able to produce
> the still-encrypted post as sent by the user, but from a quickish reading
> of the mod_ssl reference, I don't see any way to log this information.
>
The SSL protocol does not have any support for that.
vh
Mads Toftum
--
With a rubber duck, one's never alone.
-- "The Hitchhiker's Guide to the Galaxy"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
