Paul Rubin wrote:
>
> > What do you suggest for supporting this in mod_ssl, Bodo?
> > Via an explicit SSLCACertChain or whatever directive? Or implicitly?
>
> The behaviour that makes most sense, I think, is if you just have to
> append the CA certificate(s) to the usual certificate file.
>
> Something fancier might be appropriate. There may be situations where
> a different chain is needed depending on the browser type. Is it even
> possible to detect the browser type before sending the cert chain?
Huh? Unless I've missed something, the cert chain is uniquely determined
by the final cert, isn't it?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
