implementing client certificate support

Sean Conner sean at conman.org
Tue Jun 9 21:59:52 BST 2020

Previous message (by thread): implementing client certificate support
Next message (by thread): implementing client certificate support
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It was thus said that the Great solderpunk once stated:
> On Tue, Jun 09, 2020 at 12:01:28AM -0400, Michael Lazar wrote:
>  
> > Drop "64 FUTURE CERTIFICATE REJECTED" and "65 EXPIRED CERTIFICATE REJECTED"
> > while you're at it, they can be subsumed by "63 CERTIFICATE NOT ACCEPTED".
> 
> I expect Sean to object to this...

  Not too terribly.  I only added the bunch of codes to help with debugging
a rejection.  I would accept the following:

	60	client certificate required
	61	client certificate invalid (or expired)
	62	client certificate rejected

  Just saying "bad certificate" isn't actionable enough for the user.  Why
is it bad?  Has it expired?  Rejected?  What?  I NEED TO KNOW!

  -spc

Previous message (by thread): implementing client certificate support
Next message (by thread): implementing client certificate support
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list