W3C home > Mailing lists > Public > www-xkms-ws@w3.org > November 2001


From: Mike Just <Mike.Just@entrust.com>
Date: Tue, 27 Nov 2001 11:32:44 -0500
Message-ID: <9A4F653B0A375841AC75A8D17712B9C980F5AD@sottmxs04.entrust.com>
To: "'www-xkms-ws@w3c.org'" <www-xkms-ws@w3c.org>
I don't think you need an authenticated request, just an authenticated
response that contains the relevant portions from the request.  If a client
sends a Validate request with cert X, the client can store cert X until the
authenticated response is returned.  If the response contains sufficient
information from the request, such as the requested cert X, then upon
receipt of the response, the client can indeed check that the returned
certificate matches their stored certificate.  If an attacker were to modify
the request to include cert Y, then the client would detect this since the
response would include cert Y (where the client expected cert X).

It is important to note in the security considerations section that the
scenario Mike is talking about is only secure if you have authenticated
requests and responses. Otherwise Alice can request status of cert X and
mallet substitute cert Y in the request to get a 'valid' back.
Received on Tuesday, 27 November 2001 11:33:31 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:09:21 UTC