Chris Brannon chris at the-brannons.com
Sat Oct 2 14:15:45 BST 2021
- - - - - - - - - - - - - - - - - - -
Jacob Stewart <jacob.stewart at tutamail.com> writes:
If no client certificate is presented, the server MUST reject the
connection.
The server and client certificates are intended to identify the individual
users involved.
What if the server operator wants to operate an anonymous chat?
Nothing prevents you from generating a one-time cert, having multiplepseudonymous certs corresponding to various assumed identities, etcetc. With client certs we can have both authentication andpseudonymity.
-- Chris