On 04/22/2014 08:57 AM, Ligade, Shailesh [USA] wrote:
> I think by default, the certificate hint list asks for client authentication 
> certificates. Is there any configuration option to ask for different types of 
> certificates? e.g.  signing or encryption certificates?

In TLS, the client's secret key (which is associated with the public key
in the client's certificate) is always used to make a digital signature,
regardless of whether DHE or RSA key exchange mechanisms are used (for
fixed (non-ephemeral) DH key exchange, the client's DH public key is
already used directly in the handshake and provided in the cert, so no
signature is needed; but no one actually uses this mode, afaict).

So for normal use, the client sends the server its signature in the
CertificateVerify message:

 https://tools.ietf.org/html/rfc5246#section-7.4.8

So a TLS client certificate that is marked with a KU/EKU for encryption
only (and not for signing) is probably a mistake at the protocol level.
A client shouldn't need a hint from the server to avoid using those
certs as client certs.

        --dkg

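The check dkg's reply implies, as an added example that is not part of the original thread: a TLS 1.2 client must sign CertificateVerify, so a certificate whose KeyUsage lacks digitalSignature (for instance one marked only keyEncipherment, an "encryption" certificate) cannot serve as a client certificate, and an ExtendedKeyUsage that omits clientAuth (a typical "signing" certificate with emailProtection only) rules it out too. The code is pure standard-library Python, decodes only the two extension values (not a whole certificate), and the DER byte strings, bit positions from RFC 5280 s4.2.1.3 and the function names are constructed for this illustration.

```python
# Added example, not code from the mailing-list post.  Decides from the DER
# values of a certificate's KeyUsage and ExtendedKeyUsage extensions whether
# the certificate can be used for TLS client authentication.

# KeyUsage bit positions (RFC 5280 s4.2.1.3).
DIGITAL_SIGNATURE = 0   # required: the client signs CertificateVerify
KEY_ENCIPHERMENT = 2    # "encryption" certs; useless for client auth
KEY_AGREEMENT = 4       # only fixed (non-ephemeral) DH client certs, unused in practice

OID_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"   # id-kp-clientAuth
OID_ANY_EKU = "2.5.29.37.0"             # anyExtendedKeyUsage

# Constructed sample extension values (DER), assumed for this demonstration.
KU_SIGN = bytes.fromhex("03020780")       # BIT STRING: digitalSignature
KU_ENC_ONLY = bytes.fromhex("03020520")   # BIT STRING: keyEncipherment only
KU_SIGN_ENC = bytes.fromhex("030205a0")   # BIT STRING: digitalSignature+keyEncipherment
EKU_CLIENT = bytes.fromhex("300a06082b06010505070302")  # SEQUENCE { clientAuth }
EKU_EMAIL = bytes.fromhex("300a06082b06010505070304")   # SEQUENCE { emailProtection }


def _read_tlv(data, offset=0):
    """Return (tag, value, next_offset) for one DER TLV starting at offset."""
    tag = data[offset]
    length = data[offset + 1]
    offset += 2
    if length & 0x80:                 # long form: low bits give the length's size
        n = length & 0x7F
        length = int.from_bytes(data[offset:offset + n], "big")
        offset += n
    return tag, data[offset:offset + length], offset + length


def decode_key_usage(der):
    """Decode a KeyUsage BIT STRING into the set of bit positions that are set."""
    tag, value, _ = _read_tlv(der)
    if tag != 0x03:
        raise ValueError("KeyUsage must be a BIT STRING")
    unused = value[0]                 # first content byte: count of unused trailing bits
    total = (len(value) - 1) * 8 - unused
    return {i for i in range(total) if value[1 + i // 8] & (0x80 >> (i % 8))}


def _decode_oid(value):
    """Decode OBJECT IDENTIFIER content bytes to dotted form."""
    arcs = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:              # last byte of this base-128 arc
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def decode_eku(der):
    """Decode an ExtendedKeyUsage SEQUENCE OF OBJECT IDENTIFIER into dotted OIDs."""
    tag, value, _ = _read_tlv(der)
    if tag != 0x30:
        raise ValueError("ExtendedKeyUsage must be a SEQUENCE")
    oids, offset = [], 0
    while offset < len(value):
        t, v, offset = _read_tlv(value, offset)
        if t != 0x06:
            raise ValueError("expected OBJECT IDENTIFIER inside ExtendedKeyUsage")
        oids.append(_decode_oid(v))
    return oids


def usable_for_tls_client_auth(ku_der=None, eku_der=None):
    """Return (ok, reason).  None for either argument means the extension is absent,
    which RFC 5280 treats as unrestricted."""
    if ku_der is not None:
        bits = decode_key_usage(ku_der)
        if DIGITAL_SIGNATURE not in bits:
            return False, "KeyUsage lacks digitalSignature; CertificateVerify needs a signature"
    if eku_der is not None:
        oids = decode_eku(eku_der)
        if OID_CLIENT_AUTH not in oids and OID_ANY_EKU not in oids:
            return False, "ExtendedKeyUsage does not permit clientAuth"
    return True, "ok"


if __name__ == "__main__":
    for label, ku, eku in [("client auth cert", KU_SIGN, EKU_CLIENT),
                           ("encryption-only cert", KU_ENC_ONLY, EKU_CLIENT),
                           ("S/MIME signing cert", KU_SIGN, EKU_EMAIL),
                           ("dual-use cert", KU_SIGN_ENC, EKU_CLIENT)]:
        print(label, "->", usable_for_tls_client_auth(ku, eku))
```

A real deployment would pull the two extension values out of a parsed certificate (for example with the `cryptography` package or `openssl x509 -ext keyUsage,extendedKeyUsage`) and feed them to the same decision; the point of the decoder here is to make the bit-position and OID logic visible rather than hidden behind a library.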