Monday, October 1, 2001 01:58 AM
Hi! I have got a Servlet which can be accessed only through a virtual host requiring Client X509 certificate for authentification. I wish to log info posted to this servlet for non repudiation purposes.
Is there an attribute of HTTPServletRequest (or any other object) that can be read, in order to log this proof ?
Does SSLv3 alone offer non-repudiation ? Or Am i supposed to implement my own signature scheme ?