[Cryptography] On the deployment of client-side certs

Ray Dillinger bear at sonic.net
Mon Nov 14 17:45:43 EST 2016


In response to recent discussion on the list:

Right now we have infrastructure in place to authenticate the host side
of most connections.  Predictably we still have massive fraud
perpetrated through credential theft followed by use of stolen
credentials as an unauthenticated client.

There is a technical standard for client-side certificates, which was
part of the original SSL specification.  However, because CAs demanded
that people pay for every certs, it was utterly ignored and never
deployed; Homer Husband and Harriet Housewife were not going to spend a
four-digit number of dollars (or equivalent) on a certificate, and no
sane vendor or banker was going to require them to.  Hence the
half-fast* job of one sided authentication that has become the norm.

This sounds like a proper use case for self-signed certs (on the
consumer side) with pinning (on the host side) to prevent fraudsters
from impersonating consumers.

That's within practically everybody's capability, (in the sense that
code to create self-signed certs is all over the place and most SSL
implementations allow certs to be used on both sides) but nobody's about
to do it (consumers) or require it to be done (bankers, merchants, etc)
or facilitate doing it (servers, browsers, mail clients, etc).

How can we change that?  What can we do to make it easier to do, provide
a transition path toward, and get pinning, certificate checking, and
revocation list checking integrated on hosts and cert generation/use
integrated into clients?  And make it simple and easy for consumers to
share their certs from multiple devices, reliably remove them from
devices before loan or sale, and revoke-and-replace whenever one of
their devices with a copy of their cert gets stolen?

				Bear

* "half-fast" is the earlier form, as in tying something down with
   loose or wrong knots so it wasn't actually fastened (made fast);
   But it sounded like "half assed", and as 'fast' to mean secured
   has fallen out of use we rarely see the earlier form anymore.
   It seemed appropriate in this case to recall that 'fast' used to
   mean 'secure.'


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161114/8730747c/attachment.sig>


More information about the cryptography mailing list