TLS client authentication, Re: openPGP vs x509

Holger Sesterhenn Holger.Sesterhenn at
Wed Apr 7 13:22:56 CEST 2004


Werner Koch wrote:

> TLS provides such a mechanism but sane users don't hand their money
> over to Verisign for a user certificate.  I don't know whether
> browsers support this at all.

It's called 'client authentication' and you have to import this special
certifacte into your browser. IE, NS and Mozilla do support such
behaviour since ages.

I'am working with such a configuration every day. Of course we have
created our own certificate hierachy. No need for Verisign.

Best Regards,

Holger Sesterhenn

More information about the Gnupg-users mailing list