On Tue, Mar 02, 2021 at 05:48:05PM +0000, Jacob Champion wrote:
> What would you think about adding the additional detail right after
> verify_client_proof() fails? I.e.
Agreed. Having that once all the code paths have been taken and the
client proof has been verified looks more solid. On top of what's
proposed, would it make sense to have a second logdetail for the case
of a mock authentication? We don't log that yet, so I guess that it
could be useful for audit purposes?
--
Michael
