--On Friday, February 17, 2006 2:01 PM -0300 Luis Henrique <[EMAIL PROTECTED]> wrote:
I dont care about the session security. I just want to associate the broser user with one in my database. For this a need to get his cert.
You *can* set up HTTPS then drop to NULL encryption :-P To get the cert transparently you have to use the HTTPS protocol - there is no other wide-recognized protocol to get at the cert. Consider: You have to make sure that the cert you get is actually one that the user is allowed to present you (one that he didn't snatch off the neighbour's disk). This is done by checking whether the client also owns the private key associated to the public key in the cert, so some encryption traffic will have to take place. Best, -- David --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
