[Webkit-unassigned] [Bug 187679] [Curl] Add allowSpecificHTTPSCertificateForHost support.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 28 10:48:52 PST 2018
https://bugs.webkit.org/show_bug.cgi?id=187679
--- Comment #15 from Basuke Suzuki <Basuke.Suzuki at sony.com> ---
(In reply to Alex Christensen from comment #12)
> Wow, that would be great. Another approach could be to listen for handshake
> failures and when one happens because of the cert, ask the client if it's ok
> to proceed and retry if they say it's ok.
Yes, that is ideal, but we cannot pause the communication while validation is ongoing (our code is in OpenSSL callback which is called by libcurl). Once verification complete and has error, then curl cancel the communication before giving us a chance to modify the situation. A patch is required if we really do pause and continue.
> Client certificates might not be a priority right now, but they may become a
> priority.
Agreed.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181128/d09c7d9f/attachment.html>
More information about the webkit-unassigned
mailing list