>
> If users accept certificates without some independent way of verifying
> the identity of the signer, then this obviates the entire point of
> certificates, which is to prevent active attack on the connection.
> The vast majority of the complexity of SSL is there to prevent
> active attack. B
certificate message, and
there is nothing wrong with it. I have also verified that MSIE is not returning
a session id in the subsequent Client Hello message. Does anybody have any idea
what is going on?
Thanks,
Tom Damon
=
__
Do You Yahoo!?
Bid and sell
