> Comparing the Server-Id in the certificate to the expected server
> name limits the damage that will result from an attacker compromising
> a server private key. If the peer does not check the Server-Id, then
> the peer would accept a compromised server certificate chaining to
> any of the configured trust anchors.
>
[Joe] If the server key is compromised then it seems checking the
server-ID will not help discover this or limit damage.
Maybe this should have been "compromising a trust anchor private key". I
think the idea was to prevent a compromise of a trust anchor from enabling
attackers to carry out "rogue authenticator" attacks across the board.
_______________________________________________
Emu mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/emu
