[TLS] Why does the client has to send a Certificate Verify while the server does not?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[TLS] Why does the client has to send a Certificate Verify while the server does not?

To: tls at ietf.org
Subject: [TLS] Why does the client has to send a Certificate Verify while the server does not?
From: ernuzwang at gmail.com
Date: Wed, 26 Nov 2008 02:36:56 +0000
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces at ietf.org

Hi!

I've been reading RFCs concerning TLS and I have a question about Certificate Verify:

If I am not mistaken, Certificate Verify is a signature over the previous handshake messages using the client's private key, and the server
verifies it with the client's public key, which can be extracted from the previous client certificate message. If it matches, the server is sure that
the client actually owns the certificate (am I right?).

The above mechanism seems pretty secure to me, therefore, I'm wondering why the server is not required to send a verify as well? What if its
certificate is eavesdropped or stolen and someone else can use it as its own since there is no way to verify if it does own it? (if it copies its
domain name as well as its public key, etc.)

_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Why does the client has to send a Certificate Verify while
  - From: Martin Rex
- Re: [TLS] Why does the client has to send a Certificate Verify while the server does not?
  - From: Mike

Prev by Date: [TLS] draft-rescorla-tls-suiteb-11.txt
Next by Date: Re: [TLS] Why does the client has to send a Certificate Verify while the server does not?
Previous by thread: [TLS] draft-rescorla-tls-suiteb-11.txt
Next by thread: Re: [TLS] Why does the client has to send a Certificate Verify while the server does not?
Index(es):
- Date
- Thread

[TLS] Why does the client has to send a Certificate Verify while the server does not?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.