Alex, Do you presume that the websites in the domains that you intend to track users will install the self-signed CA certificate that issued the client-certificate to the unsuspecting user? If not, how will the browser know which client certificate to send to the website during client-auth? And what happens to the users who do not have have client-certs issued by this CA when they attempt to connect to the site?
Arshad Noor StrongAuth, Inc. ----- Original Message ----- From: "Alexander Klink" <[EMAIL PROTECTED]> Tracking visitors in an unnoticed way over several domains is typically not as easy as this, I believe. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
