Re: [TLS] Asking the browser for a different certificate

[Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>]

Hello,

On 27/03/2010 01:14, Martin Rex wrote:
> Peter Gutmann wrote:
>>
>> Martin Rex<mrex@sap.com>  writes:
>>>
>>> IMHO there are a number of defects in the TLS protocol related to client
>>> certificate authentication, and some of them should probably be fixed at the
>>> TLS protocol level.  But fixes at the TLS protocol level may take a huge
>>> amount of time before they become a useful feature in the installed base...
>>
>> Yeah, because this is going to affect the vast numbers of users of
>> SSL client certs :-).
>
> The non-users of SSL client certs are much more affected.
>
> Currently, if you enable a Web Server to request a client cert
> in the initial handshake, the users without SSL client cert suffer
> the worst user experience of all.  Would the browser be able to
> tell the server in a ClientHelloExtension "Don't bother sending
> me a CertificateRequest, because I don't have one", then
> the server could skip the CertificateRequest message if the
> application/configuration allows the handshake to complete without
> client certificate.

A browser that would know it has no certificate to send would also know 
it doesn't need to prompt the user for one. As such, it could just send 
an empty Certificate message in response to the CertificateRequest 
(which is what already happens in Firefox, if you choose 'ask me which 
one to choose' and press 'Cancel'), without offering the user to choose 
a certificate amongst an empty list. That sounds purely a user-interface 
problem, then.
What would such a ClientHelloExtension add for this purpose (except 
saving a few bytes... although it seems that the CertificateRequest 
message can be one of the largest during the handshake if the 
certification_authorities list is long)?


Best wishes,

Bruno.