> > OK, makes sense. Just wonder why there is certificate
> related ACLs in
> > squid.conf already.

>
> The certificate ACLs work, and allow you to match specific
> user certificates or user CAs.
>
> It is just the option to have the request for the client
> certificate delayed until required by acl processing which does not.
>


Got you know. Thank you for help and great squid.

-D