[Security] channel bindings

Dirk Meyer dmeyer at tzi.de
Wed Feb 11 04:11:59 CST 2009

Justin Karneges wrote:
> On Tuesday 10 February 2009 14:52:05 Kurt Zeilenga wrote:
>> While the DIGEST-MD5 provides for a (limited) form of mutual
>> authentication, DIGEST-MD5 offers no assurance to either the client or
>> the party that the end points of the DIGEST-MD5 exchange are the same
>> as the end-points of the TLS exchange.
> You mean if you don't verify the TLS certificate?

We do, channel bindings is a fallback. If we communicate and have both
self-signed certificates, we can not verify each other. So we use
channel bindings. The next time we talk, we can verify the certificates.


I once thought I made a mistake, but I was wrong.

More information about the Security mailing list