httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r1761215 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Date Sat, 17 Sep 2016 13:09:25 GMT
Author: covener
Date: Sat Sep 17 13:09:25 2016
New Revision: 1761215

URL: http://svn.apache.org/viewvc?rev=1761215&view=rev
Log:
feedback in   http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#comment_5818

This added paragraph about optional and optional_no_ca isn't helpful.

At the TLS layer, the challenge for otpional and required are no different.

Move the caution about _no_ca up into where the option is defined
and reword.



Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1761215&r1=1761214&r2=1761215&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Sat Sep 17 13:09:25 2016
@@ -1287,13 +1287,9 @@ The following levels are available for <
      the client <em>has to</em> present a valid Certificate</li>
 <li><strong>optional_no_ca</strong>:
      the client may present a valid Certificate<br />
-     but it need not to be (successfully) verifiable.</li>
+     but it need not to be (successfully) verifiable. This option
+     cannot be relied upon for client authentication.  </li>
 </ul>
-<p>In practice only levels <strong>none</strong> and
-<strong>require</strong> are really interesting, because level
-<strong>optional</strong> doesn't work with all browsers and level
-<strong>optional_no_ca</strong> is actually against the idea of
-authentication (but can be used to establish SSL test pages, etc.)</p>
 <example><title>Example</title>
 <highlight language="config">
 SSLVerifyClient require



Mime
View raw message