Good day.
Fri, Mar 30, 2007 at 02:47:59PM +0200, Dennis van Dok wrote:
> Derek Feichtinger wrote:
> >Hi, Oscar
> >The privacy problem is that your certificate is sent to any HTTPS server that
> >you access as part of the handshake.
>
> Is this true? If I go to https://www.scientificlinux.org/, I get no pop-up in
> firefox, while visiting GGUS (http://gus.fzk.de/) asks me if I want to send my
> certificate (I could still refuse).
Nope, the client certificate is requested only if server demands
it. It is not enabled by default, so Dennis is perfectly right.
--
Eygene Ryabinkin, RRC KI
|