2002-12-17-18:43:20 Frank O'Dwyer:
> Bennett Todd:
> > 2002-12-17-14:50:28 Frank O'Dwyer:
> > > SSL doesn't provide client authentication (at least not easily &
> > > on its own).
> >
> > What's wrong with client certificates?
>
> PKI, basically, and the lack of it.

The myth that PKI is required for client certs is one of the more successful marketing games that have been played recently. Client certs are just like server certs (which are routinely used for https); they're just deployed on the client end of the connection. If you want client authentication, e.g. for syslog-secure, why then the client positively has to hold a secret, there's no way around that. The secret could be a password, or it could be a private key; either way, it's a bag of bits, and the client has to be able to access it. Invest in PKIs for buzzword compliance, but you can get work done by hand-distributing client certs the exact same way you'd hand-distribute client passwords for other authentication protocols.

> Also in a lot of organisations the mere mention of PKI will
> trigger the formation of a committee that meets for 3 years to
> decide what colour the CPS should be, and not much else will
> happen.

Nicely put. Sounds like there are a lot of healthy organizations, with strong immune systems. Hmm. Committees operate like white cells, to surround and hence disable an intruder ... hmm.

Yup, I routinely advise avoiding clutching the PKI tarbaby. Client cert auth requires no PKI, it requires only what you'd have to do to enable any other kind of auth, namely installing a small bag of secret bits on the client. If the bits were a simple password, I'd be generating them by pulling them out of /dev/random. If the bits are a client cert, I'd be pulling them out of openssl. I just don't see the big difference here.

> Admittedly you'd have a much better chance getting it in place
> for servers and devices, and especially if you can limit it to a
> smallish set of managed devices (relays and collectors say, in
> syslog speak), but you still have to think about key change and
> revocation, which are both problems that get harder as you add
> nodes.

Those problems are no different whether the secrets you must distribute and manage are client certificates, or passwords. The problem is authenticating clients, specifically distributing the credentials to be used; it's not the choice of passwd -vs- certificate to do so.

-Bennett
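The hand-distributed client-cert setup Bennett describes, as an added example that is not part of this thread: POSIX shell driving openssl, with the client names, file paths and the fingerprint read-out step all constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the thread: client-certificate authentication
# with no CA hierarchy. Each client mints its own self-signed certificate;
# the server's trust store is just the list of client certs an admin has
# installed by hand, the same way a password would be installed.
# Client names ("collector", "stranger") and all paths are constructed.
set -eu

WORK=$(mktemp -d)
TRUSTED="$WORK/trusted-clients.pem"   # the server's entire "PKI"
: > "$TRUSTED"

# Client side: generate the secret bag of bits (the key) and a self-signed
# certificate wrapping the matching public key.
make_client_cert() {   # $1 = client name, used as the CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" \
        -subj "/CN=$1" >/dev/null 2>&1
}

# Out-of-band check at enrollment: the fingerprint the client admin reads
# out must match the copy that arrived, so a swapped cert is caught.
fingerprint() {        # $1 = cert path; prints the SHA-256 fingerprint
    openssl x509 -noout -fingerprint -sha256 -in "$1" | sed 's/^.*=//'
}

# Server side: enrolling a client is appending its cert to the trust file.
add_trusted_client() { # $1 = cert path
    cat "$1" >> "$TRUSTED"
}

# Server-side decision: is the presented cert one we enrolled? This is the
# check a TLS server performs when pointed at "$TRUSTED" as its CA file
# with client verification required (openssl s_server -CAfile ... -Verify 1).
server_accepts() {     # $1 = cert path; exit 0 = accepted
    openssl verify -CAfile "$TRUSTED" "$1" >/dev/null 2>&1
}

# Demo: enroll "collector" after a fingerprint check, then present both an
# enrolled and an unknown self-signed cert to the server-side check.
make_client_cert collector
make_client_cert stranger
EXPECTED=$(fingerprint "$WORK/collector.crt")   # read out by the client admin
cp "$WORK/collector.crt" "$WORK/received.crt"   # copy that reached the server
[ "$(fingerprint "$WORK/received.crt")" = "$EXPECTED" ] \
    && add_trusted_client "$WORK/received.crt"
server_accepts "$WORK/collector.crt" && echo "collector: accepted"
server_accepts "$WORK/stranger.crt"  || echo "stranger: rejected, not enrolled"
```

Revoking a client is deleting its cert from the trust file and re-keying it is re-running the enrollment, which is the same operational burden as rotating that client's password.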