[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tlsverifyclient security implications



Howard Chu wrote:
> Michael Ströder wrote:
>> Howard Chu wrote:
>>> Josh.Mullis@cox.com wrote:
>>>>
>>>> ..."If the client does not send a certificate, it can still connect."
>>>>
>>>>
>>>> Does that mean that traffic is still encrypted if a certificate is not
>>>> used?
>>>
>>> Yes. Certificates are only for authentication, not encrypting the
>>> traffic.
>>
>> Howard, I'm sure that you already know this but let's be more precise
>> with the
>> wording to avoid confusing people:
>>
>> Strictly speaking the *client cert* is only for authentication of the
>> client.
>> The public key in the server cert is also used for the secure key
>> exchange for
>> the symmetric cipher used and thus is indirectly used for encrypting the
>> traffic (besides authenticating the server).
> 
> But certificates are not a required element for encryption of a
> connection - after all, TLS also supports anonymous Diffie-Hellman key
> exchange.

In theory, yes. But personally I don't know any real-world TLS deployment with
anonymous Diffie-Hellman key exchange. I don't even know deployments with
DSA-based certs.

Ciao, Michael.