客户端不持有证书,因此对SSL是匿名的。
The client does not have a certificate and is, therefore, anonymous to SSL.
因为这是使用非对象加密技术,而每一端有自己的证书和私有密钥,比起清单5对称加密技术示例,它处理起来更为简单。
Because this is using asymmetric encryption, where each side has its own certificate and private key, it should be somewhat simpler to handle than the Listing 5 symmetric-encryption example.
如果您使用证书来对客户端进行身份验证,为了减低这种风险,您应该减少信任存储库中签署者的数量以尽可能减少证书数。
If you are using certificates for client authentication, to reduce this risk, you should reduce the number of signers in the trust store to the minimum number possible.
应用推荐