Just a question because I turn it into my head up side down but I can't figure out if what I would like to do is an security Hole :
I have a client , and I have locally the certificate I expect ... I ask the server for a SSL connection ... I check the certificate the normal way (exept that don't check the hostname because I assume there is no hostname) and I compare the two certificate ... If I pass throw every steps I now consider that I talk with the right person ... Is it right ? Am I mistaken ? I think I am not but I prefer be sur .... thanks a lot Kikx _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
