@bascule @seancribbs @halorgium I'm in favor of it. X509 was never designed for SSL (thus the weird extensions and CN usage).
-
-
-
@evanphx@seancribbs@halorgium perhaps it's something Krypt could provide /cc@_emboss_ -
@bascule@seancribbs@halorgium@_emboss_ The problem will always be updating clients to use a new scheme. -
@evanphx@seancribbs@halorgium@_emboss_ what I'm really looking for is a way to expose client certs via Webmachine that isn't OpenSSL -
@bascule@seancribbs@halorgium@_emboss_ What do you want? Just encryption? Do you want server authentication? -
@evanphx@seancribbs@halorgium@_emboss_ client authentication via certificate: https://github.com/celluloid/reel/issues/94 … -
@bascule@seancribbs@halorgium@_emboss_ I'm not clear. Do you control the client and server and want a different enc/auth than SSL? -
@evanphx@seancribbs@halorgium@_emboss_ I want apps to be able to authenticate individual users by their certificate's subject - 11 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.