Re: RFC: Handling of certificates in Debian
On Mon, Sep 02, 2002 at 10:10:07PM +0200, Richard Braakman wrote:
> If you're going to tinker with the specification anyway, I would
> suggest one where the client states up front whose certificate it wants.
Such the Server Name Indication mechanism described in:
Or, using a "TLS upgrade" procedure as in RFC2817 where the server name
can be specified in a Host: header before the TLS handshake is started.
For other protocols, e.g. IMAP and SMTP, the STARTTLS method is used to
do something similar.