On Fri, 25 Jul 2014 18:45:07 +0000 Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
>Failure to understand the fundamental asymmetry between the client >and server roles in SMTP (in particular) or TLS (in general) leads >to magical thinking where you want the impossible, and insist that >surely everyone is negligent or incompetent for failing to see the >light. I know what you mean, point taken. False assumptions are misleading even the best people some times. The difference between the knowledge of a developer and a user is often a big barrier. But never forget this: We need each other! ;-) Well, you made many words, thank you for that patience! Now I think my false assumption (and underlying expectation) was, that this "backfiring" client certificate verification leads to at least some assessment about the connections integrity. But it does not, because it's just like showing a passport and has in fact nothing to do with the current underlying TLS link, correct so far? Regards BlueStar88
signature.asc
Description: PGP signature
