On 06 Nov 2014, at 8:05 AM, Kaspar Brand <[email protected]> wrote:
>> Is there another way to do this? > > "Manually" performing what certificateExactMatch is specifying, I would > say - i.e., use the (SSL_CLIENT_M_SERIAL,SSL_CLIENT_I_DN) tuple as a > unique identifier for a specific client certificate. Imagine I trust two roots, A and X, where X has been compromised. I authorize the certificate chain A->B->C to perform a specific action. What stops the root X from issuing an intermediate certificate with subject “B” and a leaf certificate with subject “C” to produce a chain that goes X->B->C, and the client provides both the intermediate cert B and leaf certificate C during the SSL handshake? In other words, if I only consider the serial number and issuer during authorization, what stops a compromised-but-still-trusted CA from issuing an intermediate cert that replaces another trusted issuer? Regards, Graham —
