Re: [TLS] HTTPS client-certificate-authentication in browsers

Peter Gutmann <> Fri, 29 July 2011 06:39 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E259211E808A for <>; Thu, 28 Jul 2011 23:39:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.603
X-Spam-Status: No, score=-3.603 tagged_above=-999 required=5 tests=[AWL=-0.004, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Y+yTd+T20juv for <>; Thu, 28 Jul 2011 23:39:18 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 01AF911E807F for <>; Thu, 28 Jul 2011 23:39:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=uoa; t=1311921558; x=1343457558; h=from:to:subject:cc:in-reply-to:message-id:date; z=From:=20Peter=20Gutmann=20<> ||Subject:=20Re:=20[TLS]=20HTTPS=20clie nt-certificate-authentication=20in=20browsers|Cc:=20tls@i|In-Reply-To:=20<201107290006.p6T06BD0012180@fs411>|Message-Id:=20<E1Qmgj6-0007y4-DJ@login01.>|Date:=20Fri,=2029=20Jul=202011=2018:3 9:16=20+1200; bh=9WtnUz5C/c9+y55ltfIF8sMXKjBX48cko46Emld62dI=; b=r/kwza+2/0egSl52dz81Kipo9A4OQvCBUW6a0mKHeDhNLUv5SiP+1XQx 2ZPvA063dGibUVd2bohM1qM5+6M3zgK/wyEFAFS4TNY0aAHgvv4C1St/c ne3nfLsdjPeXL9fPLGLRrIjBnmldPF+I/93+dMK6VT8x8Ypy/IrituST5 Y=;
X-IronPort-AV: E=Sophos;i="4.67,286,1309694400"; d="scan'208";a="74803823"
X-Ironport-Source: - Outgoing - Outgoing
Received: from ([]) by with ESMTP/TLS/AES256-SHA; 29 Jul 2011 18:39:16 +1200
Received: from ([]) by with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from <>) id 1Qmgj6-0000UT-Ha; Fri, 29 Jul 2011 18:39:16 +1200
Received: from pgut001 by with local (Exim 4.69) (envelope-from <>) id 1Qmgj6-0007y4-DJ; Fri, 29 Jul 2011 18:39:16 +1200
From: Peter Gutmann <>
In-Reply-To: <>
Message-Id: <>
Date: Fri, 29 Jul 2011 18:39:16 +1200
Subject: Re: [TLS] HTTPS client-certificate-authentication in browsers
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 29 Jul 2011 06:39:19 -0000

Martin Rex <> writes:

>I don't know what particular issue banks have with their weird threat model 
>here in Germany, I'm unable to find an even remotely reasonable explanation 
>why so many of them are suddenly violently determined to completely kill any 
>of their existing paper-based TANs, including iTANs that they introduced just
>a few years ago, aggressively touted as something that you need.

This has been covered in a number of journal/magazine articles, for example 
there was a fairly comprehensive one in c't in the middle of last year on 
this.  Since paper-based TANs aren't tied in any way to the transaction 
they're authenticating, they're vulnerable to both phishing attacks and MITB 
attacks.  iTANs were introduced to counter straight phishing (ask for the next 
n TANs), the attackers countered with more aggressive TAN phishing and MITB, 
and the response to that was mTANs and tokens.  So German banks are actively 
tracking threats as they evolve and responding to them, which few other banks 
seem to be doing (or at least if they are, it's not documented anywhere).

This is probably why US phishing losses are a staggering *six hundred times* 
higher than German ones.  In Germany the banks try and address evolving 
threats.  In the US the banks take their customers to court when they become 
victims of poor banking security.