Re: [TLS] matching identity, by default

Bill Frantz <frantz@pwpconsult.com> Fri, 04 December 2009 17:30 UTC


james@manger.com.au (James Manger) on Friday, December 4, 2009 wrote:

>This suggests another way for a TLS library to ensure it doesn't confuse an application that hasn't explicitly stated it is
>prepared for renegotiations.
>A library could tell the application only about one peer identity it authenticates (probably the first it authenticates).
>For instance, Java's HttpsURLConnection.getServerCertificates() method could return the same set of certificates for the life of 
>the object (the life of the TLS connection), and simply not tell the application about any different certificates from 
>renegotiations. The TLS library could still renegotiate and switch to new sessions, but the application would be blissfully unaware 
>-- and still secure.

Yet another way would be to have the library return an array of structures,
each member of which has the complete information from the client/server
certificate chain.[1] This array would only grow as new certificates are
received, leaving existing members constant. In Java, the array type would
emphasize to the programmer that there might be more than one structure in
the array. A C programmer would not have that protection, since in C it is
easy to confuse an array reference with a reference to the first element.

Cheers - Bill

[1] The CA chain signing the certificate could be yet another array
reference.

-------------------------------------------------------------------------
Bill Frantz        | When it comes to the world     | Periwinkle
(408)356-8506      | around us, is there any choice | 16345 Englewood Ave
www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA 95032
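
The append-only identity history proposed in this message can be sketched in C with count/get accessors, so a caller cannot mistake the array for a single peer identity. This is an added example, not code from the post or from any TLS library; every type and function name is hypothetical, the sample subjects are constructed, and comparing subject strings stands in for comparing the certificates themselves.

```c
#include <stddef.h>
#include <string.h>

#define MAX_HANDSHAKES 8 /* assumed bound for this sketch */

/* Hypothetical record: the identity authenticated by one handshake. */
typedef struct {
    const char *subject;          /* leaf certificate subject */
    const char *const *ca_chain;  /* footnote [1]: CA chain as its own array */
    size_t ca_chain_len;
} peer_identity;

/* History for one connection; callers use get(), not a bare pointer. */
typedef struct {
    peer_identity entries[MAX_HANDSHAKES];
    size_t count;
} peer_history;

/* Library side: append after each handshake; earlier entries never change. */
int peer_history_append(peer_history *h, peer_identity id) {
    if (h->count >= MAX_HANDSHAKES) return -1;
    h->entries[h->count++] = id;
    return 0;
}

const peer_identity *peer_history_get(const peer_history *h, size_t i) {
    return i < h->count ? &h->entries[i] : NULL;
}

/* Application policy: 1 only if every handshake authenticated the same subject. */
int peer_identity_unchanged(const peer_history *h) {
    if (h->count == 0) return 0; /* nothing authenticated yet */
    for (size_t i = 1; i < h->count; i++)
        if (strcmp(h->entries[i].subject, h->entries[0].subject) != 0) return 0;
    return 1;
}

/* Constructed sample: initial handshake, then an optional renegotiation with a new subject. */
int run_demo(int renegotiate) {
    static const char *const chain_a[] = {"CN=Example Issuing CA", "CN=Example Root CA"};
    static const char *const chain_b[] = {"CN=Example Root CA"};
    peer_history h = {0};
    peer_history_append(&h, (peer_identity){"CN=www.example.com", chain_a, 2});
    if (renegotiate)
        peer_history_append(&h, (peer_identity){"CN=other.example.net", chain_b, 1});
    return peer_identity_unchanged(&h);
}

int main(void) { return (run_demo(0) == 1 && run_demo(1) == 0) ? 0 : 1; }
```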