[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: tlsverifyclient security implications
Howard Chu <hyc@symas.com> wrote:
> But certificates are not a required element for encryption of a connection -
> after all, TLS also supports anonymous Diffie-Hellman key exchange.
Sure, but encryption without authentication makes little sense, as you
don't know who you are securely speaking to: you can get an encrypted
link to a man in the middle.
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org