On Mon, Aug 10, 2009 at 6:35 PM, Peter Gutmann<pgut...@cs.auckland.ac.nz> wrote:
> More generally, I can't see that implementing client-side certs gives you much
> of anything in return for the massive amount of effort required because the
> problem is a lack of server auth, not of client auth.  If I'm a phisher then I
> set up my bogus web site, get the user's certificate-based client auth
> message, throw it away, and report successful auth to the client.  The browser
> then displays some sort of indicator that the high-security certificate auth
> was successful, and the user can feel more confident than usual in entering
> their credit card details.  All you're doing is building even more substrate
> for phishing attacks.
> Without simultaneous mutual auth, which -SRP/-PSK provide but PKI doesn't,
> you're not getting any improvement, and potentially just making things worse
> by giving users a false sense of security.

I certainly agree that if the problem you are trying to solve is
server authentication, then client certs don't get you very far. I
find it hard to feel very surprised by this conclusion.

If the problem you are trying to solve is client authentication then
client certs have some obvious value.

That said, I do tend to agree that mutual auth is also a good avenue
to pursue, and the UI you describe fits right in with Chrome's UI in
other areas. Perhaps I'll give it a try.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
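As an added illustration of the point in the quoted paragraph (this is example code written for this page, not code from either poster, Chrome, or any SRP library): a stdlib-only Python model of SRP-6a in which a genuine server holds the enrolled verifier and a phishing server does not. The phisher can accept the client's proof and "report successful auth", but its forged server proof M2 fails the client's check, because M2 depends on a session key that can only be derived from the verifier. Assumptions of this example: the group constant is transcribed as the 1024-bit group of RFC 5054 Appendix A (any vetted safe-prime group works identically), the proof messages M1 and M2 use a simplified form (classic SRP-6a hashes more fields into M1, and TLS-SRP uses the Finished messages instead), and the class and function names and the sample credentials are constructed for the demo.

```python
# Added example, not code from the thread: SRP-6a with a genuine server and a
# phishing server that lacks the verifier. Standard library only.
import hashlib
import hmac
import secrets

# Group parameters. Assumption of this example: transcribed as the 1024-bit
# group of RFC 5054 Appendix A; any vetted safe-prime group behaves the same.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def pad(x):
    return x.to_bytes(NLEN, "big")  # fixed-width encoding of a value in [0, N)

def h_int(*parts):
    return int.from_bytes(H(*parts), "big")

K_MULT = h_int(pad(N), pad(g))  # SRP-6a multiplier k = H(N || PAD(g))

def private_x(salt, username, password):
    return h_int(salt, H(username + b":" + password))

def enroll(username, password):
    """Registration: the server stores (salt, verifier v), never the password."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "v": pow(g, private_x(salt, username, password), N)}

class SrpClient:
    def __init__(self, username, password):
        self.I, self.p = username, password
        self.a = secrets.randbits(256)
        self.A = pow(g, self.a, N)
        self.K = self.M1 = None

    def prove(self, salt, B):
        """Client proof M1. Aborting on B mod N == 0 is a mandatory SRP check."""
        if B % N == 0:
            raise ValueError("degenerate server value B")
        u = h_int(pad(self.A), pad(B))
        x = private_x(salt, self.I, self.p)
        S = pow((B - K_MULT * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = H(pad(S))
        self.M1 = H(pad(self.A), pad(B), self.K)
        return self.M1

    def server_proved(self, M2):
        """True only if the peer knows K, which requires the verifier."""
        return hmac.compare_digest(H(pad(self.A), self.M1, self.K), M2)

class SrpServer:
    """Legitimate server holding the enrolled (salt, v) record."""
    def __init__(self, record):
        self.salt, self.v = record["salt"], record["v"]
        self.b = secrets.randbits(256)
        self.A = self.B = None

    def challenge(self, A):
        if A % N == 0:
            raise ValueError("degenerate client value A")
        self.A, self.B = A, (K_MULT * self.v + pow(g, self.b, N)) % N
        return self.salt, self.B

    def check_client(self, M1):
        """Return the server proof M2, or None when the client proof is wrong."""
        u = h_int(pad(self.A), pad(self.B))
        K = H(pad(pow(self.A * pow(self.v, u, N) % N, self.b, N)))
        if not hmac.compare_digest(H(pad(self.A), pad(self.B), K), M1):
            return None
        return H(pad(self.A), M1, K)

class PhishingServer:
    """The bogus site from the quoted text: no verifier, discards the client's
    proof and 'reports successful auth' with the best M2 it can forge."""
    def __init__(self):
        self.b, self.A = secrets.randbits(256), None

    def challenge(self, A):
        self.A = A
        return secrets.token_bytes(16), pow(g, self.b, N)  # no k*v term: it has no v

    def check_client(self, M1):
        S_guess = pow(self.A, self.b, N)  # plain DH value; cannot equal the client's S
        return H(pad(self.A), M1, H(pad(S_guess)))

def handshake(client, server):
    salt, B = server.challenge(client.A)
    M1 = client.prove(salt, B)
    M2 = server.check_client(M1)
    server_ok = M2 is not None                           # what the server reports
    client_ok = server_ok and client.server_proved(M2)   # what the client can verify
    return {"server_accepted_client": server_ok, "client_accepted_server": client_ok}

if __name__ == "__main__":
    rec = enroll(b"alice", b"correct horse")  # constructed sample credentials
    for name, srv in [("genuine", SrpServer(rec)), ("phishing", PhishingServer())]:
        print(name, handshake(SrpClient(b"alice", b"correct horse"), srv))
```

Against the genuine server both flags come back True; against the phishing server the server-side flag is still True (it reports success, as described above) but the client-side flag is False, which is the indicator a browser would have to show. The contrast with certificate-based client auth is that nothing the client receives in that flow depends on the server holding any secret, so a bogus site's "success" is indistinguishable from a real one.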
