Jacob Stewart <jacob.stewart@tutamail.com> writes: >>If no client certificate is presented, the server MUST reject the > connection. >>The server and client certificates are intended to identify the individual > users involved. > What if the server operator wants to operate an anonymous chat? Nothing prevents you from generating a one-time cert, having multiple pseudonymous certs corresponding to various assumed identities, etc etc. With client certs we can have both authentication and pseudonymity. -- Chris
---
Previous in thread (1 of 3): 🗣️ Jacob Stewart (jacob.stewart (a) tutamail.com)