> Hi,
>
> I've been reading the subject book, by Eric Rescorla, and ran across the
> following passage on page 110 (Chapter 4, under "CertificateRequest"):
>
> "It is important to note that IF certificate chains are being used, then
> the CA name specified in the CertificateRequest message need not refer
> to the CA that signed the client's certificate, but may instead refer to
> one of the parent CAs."
>
> I'm wonder if anyone can tell me what he might've meant by the "IF" in
> the above sentence?
>
> Are certificate chains sometimes used and sometimes not used? Under
> what conditions?
yes, there are 3 cases for the handshake,
1) using certificate chains
2) using one certificate (not chain)
3) no certificate
;; takamixhi saito..
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
