Depends on the implementation. It's a topic that should be brought up. However, I believe most implementations use a cert from the same CA trust root that signed the server's certificate.
(And I'm conjecturing here, I haven't looked at OpenSSL's code for it yet.) -Kyle H On 3/7/06, Richard Salz <[EMAIL PROTECTED]> wrote: > I'm looking to collect information on what various clients do when sent a > cert request with no DN's. > > One possible reading of the spec is "send any cert you want," as opposed > to anchored in the specified trust chain. > > Does it work that way in "real life"? > > /r$ > > -- > SOA Appliance Group > IBM Application Integration Middleware > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
