Jeffrey Altman wrote: > The only way that the server would not send the certificate is if the > client requests a negotiation of an Anonymous cipher. In that case no > certificate would be used.
Or a handshake failure alert will be sent to the client. That's what *should* happen when a client sends a hello with only anonymous DH ciphers in the list ;-) It's also the case that the client may send a 'Hello request' instead of a client hello, in order to see what the server supports... ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
