Alberti,
Alberti Antoine wrote on 08/11/2003, 1:50:
There was such an issue in TLS, solved, from the server point of view, by
sending a list of trusted authorities when requesting a client
authentication. However, this list was so ennoying to use for both sides
that it is now almost always empty, indicating "Send me whatever you
want,
we'll see then".
I agree that a work could be done on this topic, but it should done
carefully to avoid this conclusion.
I'm aware of the change that was made recently to TLS to allow an empty
list of trusted certificates to be sent by the SSL server. I don't
personally like this change at all and considered very useful in SSL
client authentication.
This provision means that to login to such servers, I'm now presented
with a list of 12 certificates to choose from, with absolutely no hint
about which one is correct, instead of having the right one
automatically chosen by the application, or at least a list of valid
ones if there are several matches. This is what I call shooting oneself
in the foot. Some server administrators are probably too lazy to install
the valid trusted roots. My opinion is that they probably shouldn't be
running PKI servers. Eventually after the client auth login, the code in
the SSL server is going to have to check if the client certificate is
valid anyway, and that operation will require the trusted root to be
installed. If the check does not involve a particular issuing root,
there are many spoof attacks I can think of against such SSL servers ...
--
I am the dog in dogfood
smime.p7s
Description: S/MIME Cryptographic Signature