Maybe It's Snake Oil All the Way Down

Eric Murray ericm at lne.com
Wed Jun 4 10:40:48 EDT 2003


On Wed, Jun 04, 2003 at 04:32:23PM +1200, Peter Gutmann wrote:
> "James A. Donald" <jamesd at echeque.com> writes:
> 
> >I never figured out how to use a certificate to authenticate a client to a
> >web server, how to make a web form available to one client and not another.
> >Where do I start?
> 
> There's a two-level answer to this problem.  At an abstract level, doing
> client certs isn't hard, there are various HOWTOs around for Apache, Microsoft
> have Technet/MSDN papers on it for IIS, etc etc.  At a practical level, it's
> almost never used because it's just Too Hard.  That's not the SSL client-cert
> part, it's the using-X.509 part.

It's the I part of PKI that's hard.  That the assumptions built
into X.509 (i.e. a rigid certificate hierarchy) don't work everywhere
just makes it harder.  And the obstinance of the standards organizations
involved don't help.

Too often people see something like Peter's statement above and say
"oh, it's that nasty ASN.1 in X.509 that is the problem, so we'll just
do it in XML instead and then it'll work fine" which is simply not true.
The formatting of the certificates is such a minor issue that it is lost
in the noise of the real problems.  And Peter publishes a fine tool
for printing ASN.1, so the "human readable" argument is moot.

Note that there isn't a real running global PKI using SPKI
or PGP either.


The largest problem with X.509 is that various market/political forces
have allowed Verisign to dominate the cert market and charge way too
much for them.  There is software operable by non-cryptographers that
will generate reasonable cert reqs (it's not standard Openssl) but
individuals and corporations alike balk at paying $300-700 for each cert.
(yes I know about the free "individual" certs, the failure of
S/MIME is a topic for another rant).

This is why lne.com's STARTTLS cert is self-signed.  Verisign
isn't getting any more of my money.


Eric



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list