Hello. I'm considering writing a server program (which provides mostly hypothetical services, for the purpose of this discussion). The server requires users to register an account on the server before use. The service would, I believe, simply bind usernames to one or more user-provided public certificates.
Also, for the purposes of this discussion, I control both server and client code. I want to use TLS to handle authentication/encryption but am not sure if it's feasible.
Specifically - I don't want users to have passwords, it must be public key authentication only (like SSH) with bilateral authentication. This is a critical point - I would like the only realistic way to compromise a user account to be actually stealing the private key of that user and cracking the password on it (assuming a lack of other software bugs and/or poor user interfaces allowing social engineering).
I'm not 100% certain how to implement this securely, however. Would the server cache a copy of each user's public certificate? I'm trying to work out what guarantees TLS actually provides (on the strongest settings - which both the client and server would enforce).
Any input would be appreciated. I appreciate the question is a little vague, hopefully I'll be able to expand on it after some responses. The main reason I'm trying to get a better picture of this stuff is that I'm no cryptographer and obviously any protocol I invented would no doubt be subject to many cryptographic flaws...
xw