[Security] TLS Certificates Verification
dmeyer at tzi.de
Tue Aug 12 09:53:59 CDT 2008
For End-to-End XML Streams used by Serverless Messaging and Jingle XML
Streams we use TLS to secure the connection. When also requesting a
client certificate, both clients have the TLS certificate from the
other side. The question is: what does it mean?
I just want to dump a list of ideas here that are open for discussion
A certificate is useless if I can not verify the owner of the
certificate. One solution could be to sign the certificate my a CA
everyone knows. But maybe this is not needed, some sort of web of
trust based on the certificates is also a valid solution. Maybe we can
add a signing mechanism outside X.509 for XMPP. The certificates would
be self-signed and the user needs to verify the certificate based on
the fingerprint, the JID and an XMPP web of trust.
You can verify that no man-in-the-middle exists with a simple
challenge-response and a shared secret/password. It could be possible
that the secret was exchanged using a different protocol, maybe even a
personal meeting. Or it can be done in-band on the still-not-verified
connection: "the key is the name of the bar we met last week".
Depending on how much security you need, you can do it more or less
Now I want to add some extra dependencies to it. I want all my
applications use different certificates all "set trusted" by the key I
use as person. Why do I want to do it? Several reasons: one is that I
may want to chat using my mobile phone. If I loose my mobile phone my
private key is gone. Not a good solution. In my scenario the key is
not only used to encrypt my chat messages, it is used to controll
application on different hosts. If it has a different key I can just
remove the "I trust that device" information with my real key. It is
very important for my use case to make it possible to add and remove
This all sums up to some basic questions:
1. Is the certificate sign by some trusted authority or self-signed?
2. If it is self-signed, how do I verify the certificate?
3. If we use a web-of-trust based solution by signing certificates we
know, where are the signatures stored? Do I trust the people you
trust or do I want to verify the key of everyone?
4. How to link a device certificate with the user owning it?
5. How can I revoke a certificate to indicate that one or more devices
do no longer belong to me?
These are my initial thoughts, I hope we can get a nice discussion
started about this.
"The question of whether a computer can think is no more interesting
than the question of whether a submarine can swim." [Edsger Dijkstra]
More information about the Security