On Thu, 19 Mar 2009, alessio wrote: This description in the manpage is incorrect (c.f ITS 4941). Setting TLS_REQCERT actually just disables the client's check that the name from the URI matches the cert's subjectAltName values or CN. It'll be encrypted, but with no protection from man-in-the-middle attacks, or even detection of simple misconfigurations (CNAME pointing at wrong host, etc). "TLS_REQCERT allow" is only slightly better, doing the name check (so some misconfigs will be caught) but still skipping the check for a known CA, so it's still vulnerable to MitM attacks. If you're going to go to the trouble to use TLS, why not distribute the certs and do it right? Philip Guenther