Re: [TLS] Verifying X.509 Certificate Chains out of order
Yoav Nir <ynir at checkpoint.com> writes:
>I think one way of solving the silent tracking problem is to add a
>"presenting constraints" option to certificates that will instruct the
>browser to show the certificate only to servers and DNS addresses matched by
>a pattern, for example my bank can issue me a cert with
>PRESENTING_CONSTRAINTS= *.bankleumi.co.il so that only its own servers get
>this cert (when browsers support it in 10 years)
The problem with this is that every time you want to use your cert at a new
site you need to get the cert re-issued with updated constraints. What you
really want here is an attribute certificate, which is a good match for this
sort of thing. However, in this case an even better match (not helped by the
fact that attribute certs were basically stillborn) is to use something
SAML-based (or insert your favourite SAML-equivalent system here) to hand over
only the bits you want. Unfortunately you then get to deal with the
complexity of managing all this, which is still an active and ongoing research
topic...
Peter.
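The "presenting constraints" idea in the quoted proposal is a browser-side decision: before a client certificate is offered in a handshake, check the server name against a pattern carried in the cert. The following is an added example written for this thread, not code from either poster or from any browser; PRESENTING_CONSTRAINTS is the proposal's hypothetical field, not an existing X.509 extension, and the wildcard rules (a `*` only as the whole leftmost label, matching exactly one label, modelled on RFC 6125 server-name matching) are an assumption. The sample certificates are constructed.

```python
"""Hypothetical 'presenting constraints' check for client certificates.

PRESENTING_CONSTRAINTS is the field proposed in the thread, not an existing
X.509 extension. The matching rules here are an assumption, modelled on the
RFC 6125 conventions for server-name wildcards, chosen so that a constraint
cannot be satisfied by a look-alike name such as evil-bankleumi.co.il.
"""
from dataclasses import dataclass, field


@dataclass
class ClientCert:
    """Constructed stand-in for an issued client certificate."""
    subject: str
    presenting_constraints: list = field(default_factory=list)


def _normalize(name: str) -> str:
    # DNS names are case-insensitive; drop a trailing dot (FQDN form).
    return name.rstrip(".").lower()


def matches_constraint(server_name: str, pattern: str) -> bool:
    """True if server_name falls within the constraint pattern.

    Assumed rules:
      - no wildcard: exact, case-insensitive match
      - '*' is allowed only as the entire leftmost label and matches exactly
        one non-empty label, so '*.bankleumi.co.il' matches
        'www.bankleumi.co.il' but not 'bankleumi.co.il' or
        'a.b.bankleumi.co.il'
      - partial-label wildcards ('www*.example.com'), multiple wildcards and
        wildcards directly under a top-level label ('*.il') are rejected
    """
    server_name = _normalize(server_name)
    pattern = _normalize(pattern)
    if "*" not in pattern:
        return server_name == pattern
    head, sep, tail = pattern.partition(".")
    if head != "*" or not sep or "*" in tail or "." not in tail:
        return False  # malformed or over-broad pattern: refuse, do not guess
    s_head, s_sep, s_tail = server_name.partition(".")
    return bool(s_head) and s_sep == "." and s_tail == tail


def certs_to_present(server_name: str, certs: list) -> list:
    """Return the certs a browser may offer to server_name.

    A cert with no constraints keeps today's behaviour (offered anywhere);
    a constrained cert is offered only when at least one pattern matches.
    """
    return [
        cert for cert in certs
        if not cert.presenting_constraints
        or any(matches_constraint(server_name, p)
               for p in cert.presenting_constraints)
    ]


# Constructed sample wallet: the bank cert from the thread plus one
# unconstrained legacy cert.
WALLET = [
    ClientCert("bank customer", ["*.bankleumi.co.il"]),
    ClientCert("legacy unconstrained", []),
]

if __name__ == "__main__":
    for host in ["www.bankleumi.co.il", "bankleumi.co.il", "tracker.example"]:
        names = [c.subject for c in certs_to_present(host, WALLET)]
        print(f"{host:22} -> {names}")
```

The constraint list lives inside the `ClientCert`, which is exactly the re-issuance problem raised in the reply: using the same cert at a new site means changing that list, and the list is part of what the issuer signed. The unconstrained legacy cert is also the one that gets offered to every host, which is the silent-tracking case the proposal is trying to close.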
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.