Sam Hartman wrote: > * The client wants assurance that it's talking to a consistent server so > that you only end up having to authenticate the server at one level.
I have always been unsure as to why clients don't tie credentials to a server certificate. Instead, they are usually tied to an SSID. And while clients can verify the servers CA, the CA is usually in a global CA store. i.e. the credentials are only associated with an SSID. If it were possible to tie user credentials to a server certificate, then the clients could validate the server before sending the credentials. For the attack to work on the client, it requires that the client set up an anonymous tunnel with the attacker, and send credentials down that tunnel. If the client were to associate the credentials with a server cert, the attack could be detected. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
