I am developing an iPhone app that will incorporate SSL for encryption of network communication. The encrypted connection will be between average users and their home servers. Most of the time I envision people having SSL certificates that cannot be validated with the default iPhone root certificates. When this occurs, I would like to show a screen with information from the certificate so people can manually verify that it matches the certificate of their home server.
Given the screen real estate of a mobile device, what information would you present to the user, and what would you leave out? I am thinking of presenting just the issuer, subject, validity time frame, and signature, leaving out things like serial number, signature and key algorithms, and the public key itself. Is this reasonable? Thanks, Chase Douglas ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
