[EMAIL PROTECTED] wrote:
> No. the client will be asked to present the certificate its
> certificate to the server, who will then verify it against its known
> root certificates
Nearly correct -- the client presents a cert chain and the server
performs chain validation -- presumably stopping when it reaches
a cert in the chain that is already trusted. This may be the
server's own cert.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
