cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-library Mailing List Archives

Re: SSL sample (again)

From: Goetz Babin-Ebell <babin-ebell_at_trustcenter.de>
Date: Tue, 16 Dec 2003 22:22:58 +0100

Hello Jerry,

Jerry G. Chiuan wrote:
>>Jerry G. Chiuan wrote:
>>

>>That is not good.
>>HTTPS without peer verification is useless.
>>
>>You can turn off client authentication,
>>but you never should turn of peer cert verification.
>
> ya, I agree with this point
> but I forgot to mention that my usage depends on users totally trust the
> peer, and can bypass the peer verification
> e.g. users link to their own company's site

Ahem.

For the user being able to trust the peer,
the user must ensure he is really talking with the peer.

And for that he must do peer verification...

Bye

Goetz 

-- 
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126

-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click

Received on 2003-12-16

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET