Hi,<br>
<br>
On 9/18/05, <b class="gmail_sendername">Titus Brown</b> <<a href="mailto:titus@caltech.edu">titus@caltech.edu</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I honestly don't know much about this use of SSL! How would it work<br>from a Web browser? I've never needed a client certificate before.</blockquote><div><br>
Basically, you get a certificate (stored in a file) from a
certification authority. It is added to a keystore that stores your
private and public keys along with your certificate.<br>
<br>
Whenever a web site wants to authenticate you using a client
certificate, a dialog pops up asking you to choose which certificate
you would like to use to authenticate.<br>
<br>
</div>Every modern web browser is able to do this. <br>
As a employee of a company that develops a PKI which uses a web user interface, i use client side authentificatin daily.<br>
<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">if it's just a matter of writing a few interface functions then<br>it'd be easy.</blockquote>
<div><br>
Basically, what we need is a set of command like the following (this list is not complete) :<br>
* changeClientCert(client_cert) : change the client certificate
used to authenticate for the next client authentication request. Using
null as client_cert is like using no certificate to authenticate.<br>
<br>
* addCertToKeystore(cert) : add a certificate to the key store<br>
<br>
Twill could have his own keystore or use the one provided by the different available browsers.<br>
<br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">I expect it would be relatively easy to add commands to retrieve, parse,<br>and check the server certificate.
</blockquote><div><br>
I think so. I'm currently trying evaluate the best solution to setup an
automated web testing framework in our company, and i could implement
this if we choose Twill.<br>
<br>
Thank you very much for your insights.<br>
<br>
Regards,<br>
</div></div>-- <br>Julien Gilli