On Mon, Sep 02, 2002 at 10:10:07PM +0200, Richard Braakman wrote:
[on TLS]
> If you're going to tinker with the specification anyway, I would
> suggest one where the client states up front whose certificate it wants.

Such as the Server Name Indication mechanism described in:
<http://www.ietf.org/internet-drafts/draft-ietf-tls-extensions-05.txt>

Or, using a "TLS upgrade" procedure as in RFC2817 where the server name can be specified in a Host: header before the TLS handshake is started. For other protocols, e.g. IMAP and SMTP, the STARTTLS method is used to do something similar.

-- 
Andrew McDonald
E-mail: [EMAIL PROTECTED]
http://www.mcdonald.org.uk/andrew/