On Sat, 25 Oct 2008, Alessandro Vesely wrote:
Perhaps some black magic stems from associating certificate validation with
authority acceptance.
In what way? If you don't accept a certificate's authority then you can't
validate it. I don't see what's complicated about it, other than the
choice of which authorities to trust (though that problem is easily
ignored).
It is also a non-TLS specific problem, but it may be helpful to clarify
the relationship between DNS hierarchical delegations and CA chains.
There is none.
To wit, if a CA certificate were assigned along with each domain
delegation then we would need no black magic.
RFC 4398.
BTW, why don't we write the IP number on our server certificates?
The point of the certificate is to authenticate the name that the user
typed in. If you don't authenticate the right thing then you will fail to
detect attacks, for example, if an attack on the DNS produces a bogus name
-> IP addres translation and the attacker has a valid certificate for
that IP address.
The same problem applies to the MX mail domain -> hostname mapping, where
TLS is insecure because authenticates the target not the source.
Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
NORTH UTSIRE SOUTH UTSIRE: WESTERLY VEERING NORTHWESTERLY 5 TO 7. ROUGH OR
VERY ROUGH. SQUALLY WINTRY SHOWERS. MODERATE OR GOOD, OCCASIONALLY POOR.