Are we interested in client certificates?

[Hal Murray]

> and what does it buy us?

Gary suggested it would allow a server to restrict its clients without having 
to know their IP Address.


> How hard would it be to implement

Depends what "it" is.

If the spec is "signed by one of these (root) certs", that's probably only an evening/weekend.  Round up for testing and such.  If the checking is more complicated...




-- 
These are my opinions.  I hate spam.