Viktor Dukhovni <ietf-d...@dukhovni.org> writes: >I don't see in your comment anything to suggest that the flag is a no-go.
Oh, it's definitely not a no-go, just pointing out that you shouldn't read too much into seeing a cert request from a server. In other words if the client says "I have a cert" and the server responds "please authenticate using the cert", that doesn't mean that the server will actually expect client cert auth at that point. So it may be necessary to have the server respond with its own flag to indicate that it really does want client cert auth and isn't just asking for a client cert on autopilot. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
