cURL / Mailing Lists / curl-library / Single Mail


Re: SSL sample (again)

From: Goetz Babin-Ebell <>
Date: Tue, 16 Dec 2003 22:22:58 +0100

Hello Jerry,

Jerry G. Chiuan wrote:
>>Jerry G. Chiuan wrote:

>>That is not good.
>>HTTPS without peer verification is useless.
>>You can turn off client authentication,
>>but you never should turn of peer cert verification.
> ya, I agree with this point
> but I forgot to mention that my usage depends on users totally trust the
> peer, and can bypass the peer verification
> e.g. users link to their own company's site


For the user being able to trust the peer,
the user must ensure he is really talking with the peer.

And for that he must do peer verification...



Goetz Babin-Ebell, TC TrustCenter AG,
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126

This email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now!

Received on 2003-12-16