[Cryptography] Mutually authenticated TLS

Florian Weimer fw at deneb.enyo.de
Thu Mar 8 15:34:45 EST 2018


* Kevin W. Wall:

> They are telling me that what *they* are doing is "standard practice"
> and what I was proposing (to minimally at least check the full,
> canonicalized DN) as "an acceptable compromise under some conditions,
> but should be avoided".

A real downside is that encoding the access privileges in the
certificate means that you need to reissue the certificate if
privileges change.

Red Hat uses this approach for subscription certificates in the
entitlement PKI:

<https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/structure-of-ent-certificates>

Others can comment on how smoothly this works out in practice.

In theory, it allows localized ACL checks (without looking up the
certificate in a database) and very good partition tolerance,
especially if you do not need perfect certificate revocation checks.
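As an added illustration of the full, canonicalized-DN check the quoted reply argues for, here is example code written for this page (not from either poster). The canonicalization rules, the ACL contents and the peer-certificate dicts are all constructed for the example; the dict shape mirrors what Python's `ssl` `getpeercert()` returns.

```python
"""Authorize a mutually authenticated TLS peer on its full canonical subject DN.

Keeping privileges in a local ACL keyed by DN (rather than inside the certificate)
means privileges can change without reissuing the certificate, while the check
still needs no database lookup. Example code for this page; not from the posters.
"""

# Attribute-name abbreviations used for the canonical string (assumed set).
_SHORT = {
    "countryName": "C", "stateOrProvinceName": "ST", "localityName": "L",
    "organizationName": "O", "organizationalUnitName": "OU", "commonName": "CN",
}


def _canon_value(value: str) -> str:
    # Canonicalization assumed here, loosely modelled on RFC 4518 string prep:
    # trim, collapse internal whitespace, and case-fold the value.
    return " ".join(value.split()).casefold()


def canonical_dn(dn) -> str:
    """Flatten a getpeercert()-style DN (tuple of RDNs, each a tuple of
    (attribute, value) pairs) into one canonical string. Pairs inside a
    multi-valued RDN are sorted so their order cannot affect the result."""
    rdns = []
    for rdn in dn:
        pairs = sorted((_SHORT.get(attr, attr).casefold(), _canon_value(val))
                       for attr, val in rdn)
        rdns.append("+".join(f"{a}={v}" for a, v in pairs))
    return ",".join(rdns)


# Constructed local ACL: full canonical subject DN -> granted privileges.
ACL = {
    "c=us,o=example corp,cn=billing-svc": {"read", "write"},
    "c=us,o=example corp,cn=report-svc": {"read"},
}


def authorize(peercert: dict, privilege: str) -> bool:
    """Grant `privilege` only if the peer's whole subject DN is in the ACL.
    Matching on a single attribute such as CN would accept a certificate
    with the same CN issued under a different organization."""
    dn = canonical_dn(peercert.get("subject", ()))
    return privilege in ACL.get(dn, set())


# Constructed peer certificates (subject only; values deliberately untidy).
BILLING_PEER = {"subject": ((("countryName", "US"),),
                            (("organizationName", "  Example   Corp"),),
                            (("commonName", "BILLING-svc"),))}
SAME_CN_OTHER_ORG = {"subject": ((("countryName", "US"),),
                                 (("organizationName", "Other Org"),),
                                 (("commonName", "billing-svc"),))}
```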

