Kikx wrote:
Just a question, because I have turned it upside down in my head but I can't figure out whether what I would like to do is a security hole:
I have a client, and I have locally the certificate I expect ... I ask the server for an SSL connection ... I check the certificate the normal way (except that I don't check the hostname, because I assume there is no hostname) and I compare the two certificates ... If I pass through every step, I now consider that I am talking with the right person ...
Is it right? Am I mistaken? I think I am not, but I prefer to be sure ....
thanks a lot
Kikx
The SSL/TLS protocols require the client to validate the cert (that is, to verify that it didn't come from an attacker), and to verify that the SSL server's cert represents the intended/desired peer user, as this is SSL's only defense against MITM attacks, but it does not specify how that verification is to be done. The responsibility for performing those steps (validation, verification) is the responsibility of the application (protocol) that uses SSL, not of SSL itself.
RFC 2818 (IIRC) specifies that the https protocol will match the intended server DNSname against the DNSnames in the certificate. This same technique has been adopted as the industry standard for numerous protocols including IMAPS, SMTPS, LDAPS, etc.
But there are application protocols in which the desired peer user is not adequately identified by the DNSname of the server to which the client connects. For example, in SSL-based file transfer through an instant messaging service, the SSL server is operated by one of the IM users whose cert identifies the user, not a DNSname. The client checks that the server's cert identifies the intended peer user, not a DNSname.
So, if you're defining an application protocol of your own, you get to decide what is the right information in the peer certificate to verify that the certificate belongs to your intended peer's server.
-- Nelson B
_______________________________________________
mozilla-crypto mailing list
http://mail.mozilla.org/listinfo/mozilla-crypto
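
The check Kikx describes (normal validation without the hostname match, then comparison against the locally stored certificate), as an added example that is not part of the original thread. The function names, the `cafile` parameter and the placeholder bytes are assumptions of this sketch, written against Python's standard `ssl` module.

```python
import hashlib
import hmac
import socket
import ssl
from typing import Optional


def matches_pin(peer_der: Optional[bytes], pinned_pem: str) -> bool:
    """True only if the presented certificate is exactly the pinned one."""
    if not peer_der:
        return False  # no certificate presented: fail closed
    # Raises ValueError on a malformed local PEM file, which also fails closed.
    pinned_der = ssl.PEM_cert_to_DER_cert(pinned_pem)
    return hmac.compare_digest(hashlib.sha256(peer_der).digest(),
                               hashlib.sha256(pinned_der).digest())


def connect_pinned(host: str, port: int, pinned_pem: str,
                   cafile: Optional[str] = None) -> ssl.SSLSocket:
    """Open a TLS connection and accept it only if the peer cert is the pin."""
    # Step 1: validate the certificate the normal way (chain, validity dates).
    # cafile=None uses the system trust store; for a self-signed peer, pass a
    # file holding the pinned certificate itself (assumption of this example).
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False  # the protocol has no DNS name to match
    # verify_mode is still ssl.CERT_REQUIRED; only the name match is skipped.
    raw = socket.create_connection((host, port), timeout=10)
    try:
        tls = ctx.wrap_socket(raw)  # handshake and chain validation happen here
    except Exception:
        raw.close()
        raise
    # Step 2: verify the certificate identifies the intended peer.
    if not matches_pin(tls.getpeercert(binary_form=True), pinned_pem):
        tls.close()
        raise ssl.SSLError("server certificate does not match the pinned one")
    return tls


if __name__ == "__main__":
    # Constructed placeholder bytes stand in for DER certificates here.
    pin = ssl.DER_cert_to_PEM_cert(b"constructed-cert-A")
    print(matches_pin(b"constructed-cert-A", pin))  # expected peer
    print(matches_pin(b"constructed-cert-B", pin))  # different certificate
```

Pinning the whole certificate means the client's stored copy must be replaced whenever the server's certificate is renewed.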
