> A question for those who follow PKI usage trends.
>
> Is there a list of CAs that issue X.509 end-user certificates?
>
> Here is the rationale for the question:
>
> If an end-user has a certificate, he (more or less consciously) controls
> a private key. Suppose one deploys a web server that cares *only* about
> end-user public keys, e.g. it keeps track of end-user reputation and
> that's it for trust management. Then any type of certificate is good
> enough (self-signed, auto-issued, issued by a regular
> "client-cert-issuing CA").
>
> This web server can have an immediate potential user base if it
> negotiates the TLS session with a long list of CA distinguished names
> (in the CertificateRequest message).
>
> The management tools for the contemplated web server scheme would
> include an issuer DN extraction utility for end-user or CA certificates
> so that the list may be augmented based on casual observations. Also,
> the SSL debugging tools will report the contents of CertificateRequest
> messages from public servers supporting client certs.
>
> Has anyone gone through such data collection before?
>
> Thanks in advance.
>
> --
> - Thierry Moreau
>
> CONNOTECH Experts-conseils inc.
> 9130 Place de Montgolfier
> Montreal, QC, Canada H2M 2A1
>
> Tel. +1-514-385-5691
> _______________________________________________
> cryptography mailing list
> [email protected]
> http://lists.randombit.net/mailman/listinfo/cryptography
>
Why not just send an empty list for certificate_authorities in the CertificateRequest? Most (all?) user-facing TLS clients will then presume the site has no restriction, and select from all of the available client certs that the user may have.

Try to stuff in all the names - not to mention cross-signed intermediates, which are often necessary - and you're likely to blow out the record limits. Many TLS implementations, particularly TLS middleboxen, do not like fragmented handshake messages, so trying to stuff the Whole World into the request will likely break things considerably.

I'm not sure how such a scheme would work for self-signed user certs; they inevitably would not match your pre-programmed list of DNs.

See, for example, http://support.microsoft.com/kb/933430
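To make the size argument in the reply concrete, here is an added example (not code from either poster) that encodes and decodes a TLS 1.2 CertificateRequest handshake message, RFC 5246 section 7.4.4, and compares the empty certificate_authorities list the reply recommends with a long list of issuer DNs. It assumes TLS 1.2 framing (handshake type 13, 24-bit message length, 16-bit vector lengths), the 2^14-byte plaintext record limit from RFC 5246 section 6.2.1 as the point where the message must be fragmented, and constructed single-CN DER Names standing in for CA distinguished names; none of the names correspond to a real CA.

```python
"""Encode/decode TLS 1.2 CertificateRequest and measure the cost of the CA list.

Added example for this thread, not code from the original posters.
Assumptions: TLS 1.2 wire format (RFC 5246 7.4.4), 2^14-byte record plaintext
limit (RFC 5246 6.2.1), and constructed DER Names with a single CN attribute.
"""
import struct

HANDSHAKE_CERTIFICATE_REQUEST = 13          # HandshakeType.certificate_request
TLS_MAX_RECORD_PLAINTEXT = 2 ** 14          # one handshake record carries at most this much
TLS_MAX_CA_VECTOR = 2 ** 16 - 1             # certificate_authorities<0..2^16-1> hard cap


def der_tlv(tag: int, body: bytes) -> bytes:
    """Minimal DER tag-length-value encoder for bodies up to 65535 bytes."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    elif n < 0x100:
        length = b"\x81" + bytes([n])
    elif n < 0x10000:
        length = b"\x82" + struct.pack(">H", n)
    else:
        raise ValueError("DER body too long for this encoder")
    return bytes([tag]) + length + body


def der_name_cn(common_name: str) -> bytes:
    """Constructed DER Name: SEQ { SET { SEQ { OID 2.5.4.3, PrintableString cn } } }."""
    oid_cn = der_tlv(0x06, bytes([0x55, 0x04, 0x03]))           # id-at-commonName
    value = der_tlv(0x13, common_name.encode("ascii"))          # PrintableString
    atv = der_tlv(0x30, oid_cn + value)                         # AttributeTypeAndValue
    rdn = der_tlv(0x31, atv)                                    # RelativeDistinguishedName (SET)
    return der_tlv(0x30, rdn)                                   # Name (SEQUENCE of RDN)


def build_certificate_request(ca_names, cert_types=(1, 64), sig_algs=((4, 1), (4, 3))) -> bytes:
    """Encode a CertificateRequest. ca_names: iterable of DER-encoded Names (may be empty)."""
    types_vec = bytes([len(cert_types)]) + bytes(cert_types)    # rsa_sign=1, ecdsa_sign=64
    sig_body = b"".join(bytes(pair) for pair in sig_algs)       # (hash, signature) pairs
    sig_vec = struct.pack(">H", len(sig_body)) + sig_body
    ca_body = b"".join(struct.pack(">H", len(dn)) + dn for dn in ca_names)
    if len(ca_body) > TLS_MAX_CA_VECTOR:
        raise ValueError("certificate_authorities exceeds the 2^16-1 byte vector limit")
    ca_vec = struct.pack(">H", len(ca_body)) + ca_body
    body = types_vec + sig_vec + ca_vec
    return bytes([HANDSHAKE_CERTIFICATE_REQUEST]) + len(body).to_bytes(3, "big") + body


def parse_certificate_request(msg: bytes):
    """Decode a CertificateRequest into (cert_types, sig_algs, ca_names as raw DER Names)."""
    if not msg or msg[0] != HANDSHAKE_CERTIFICATE_REQUEST:
        raise ValueError("not a CertificateRequest handshake message")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated handshake message")
    pos = 0
    n = body[pos]; pos += 1
    cert_types = list(body[pos:pos + n]); pos += n
    n = struct.unpack(">H", body[pos:pos + 2])[0]; pos += 2
    sig_algs = [(body[i], body[i + 1]) for i in range(pos, pos + n, 2)]; pos += n
    n = struct.unpack(">H", body[pos:pos + 2])[0]; pos += 2
    end = pos + n
    ca_names = []
    while pos < end:                                            # each DN is a 2-byte-length opaque
        dn_len = struct.unpack(">H", body[pos:pos + 2])[0]; pos += 2
        ca_names.append(body[pos:pos + dn_len]); pos += dn_len
    if pos != end or end != len(body):
        raise ValueError("malformed certificate_authorities vector")
    return cert_types, sig_algs, ca_names


def needs_fragmentation(msg: bytes) -> bool:
    """True if the handshake message cannot fit in a single TLS record."""
    return len(msg) > TLS_MAX_RECORD_PLAINTEXT


if __name__ == "__main__":
    empty = build_certificate_request([])
    print("empty CA list:", len(empty), "bytes, fragmented:", needs_fragmentation(empty))
    # 700 constructed issuer names, 25 bytes of DER each, already exceed one record.
    names = [der_name_cn("Test CA %04d" % i) for i in range(700)]
    big = build_certificate_request(names)
    print("700 CA names:", len(big), "bytes, fragmented:", needs_fragmentation(big))
    print("round-trip ok:", parse_certificate_request(big)[2] == names)
```

The empty list costs nothing and decodes cleanly; a few hundred short DNs already push the message past one record, and real CA names (multi-attribute, often with O and OU, plus cross-signed intermediates) are several times longer than the 25-byte ones constructed here, so the "whole world" list hits fragmentation, and eventually the 2^16-1 vector cap, far sooner than one might expect.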
