[3969] in WWW Security List Archive
SSL and Access Control Policy
daemon@ATHENA.MIT.EDU (si10875@ci.uminho.pt)
Mon Jan 13 20:37:16 1997
From: si10875@ci.uminho.pt
Date: Mon, 13 Jan 1997 23:09:30 +0100
To: "www-security@ns2.rutgers.edu" <www-security@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
I have already posted a mail on this subject, and so did Andy Frush, but
no one seems to know anything about this!
Isn't it possible to use SSL authentication to apply a site access policy,
using the identification on the certificate?
Is it possible to define what client certificates a server accepts?
How is that done with Apache-SSL?
Thanks.
Jorge
