On Tue, Mar 02, 2021 at 05:48:05PM +0000, Jacob Champion wrote: > What would you think about adding the additional detail right after > verify_client_proof() fails? I.e.
Agreed. Having that once all the code paths have been taken and the client proof has been verified looks more solid. On top of what's proposed, would it make sense to have a second logdetail for the case of a mock authentication? We don't log that yet, so I guess that it could be useful for audit purposes? -- Michael
signature.asc
Description: PGP signature
