Client certificate musings

solderpunk solderpunk at SDF.ORG
Wed May 27 22:30:33 BST 2020

Previous message (by thread): Client certificate musings
Next message (by thread): Client certificate musings
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 27, 2020 at 11:13:09PM +0200, Petite Abeille wrote:

> SSL/TLS client certificate verification with Python v3.4+ SSLContext
> https://www.electricmonk.nl/log/2018/06/02/ssl-tls-client-certificate-verification-with-python-v3-4-sslcontext/

Okay, I stand very slightly corrected: a Python server using the
standard library can accept a self-signed client certificate *if* that
certificate (not just its fingerprint but the entire thing) is
whitelisted in advance of the connection.  But this is insufficient for
almost all the applications we've discussed.  It's of no use for the
transient client certificate paradigm, in particular.

Cheers,
Solderpunk

Previous message (by thread): Client certificate musings
Next message (by thread): Client certificate musings
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list