[Development] RFC: Managing the Addition of New SSL Backends
rich at kde.org
Sun May 4 13:32:02 CEST 2014
On 3 May 2014 22:38, Thiago Macieira <thiago.macieira at intel.com> wrote:
> Em sáb 03 maio 2014, às 22:23:30, Richard Moore escreveu:
> > - A small but significant number of apps use client certificates.
> > - A small but significant number of apps use server SSL sockets.
> > - Very few applications use custom trust stores.
> I'd say there's a specific case where all three go together: if I am
> trying to
> verify a client certificate in a server application, I probably want to
> that the client certificate was issued by my CA.
> However, this case is uncommon and it's also unlikely to happen in a
> closed /
> controlled platform. Servers running SSL services are often not mobile
> applications, but it could happen for device-to-device communication in an
> Internet of Things world...
Yes, I think there are plenty of good reasons why people might do that, and
I'm not saying I think we should be aiming to have less capable backends.
I'm just trying to think of ways we can manage the fact that they're likely
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Development