Nelson Minar wrote: > >Of course, client side certificates barely even exist, although > >people made substantial preparation for them early on in the history > >of all of this. > > I used to be puzzled by this. Then a couple of years ago I went > through the process of getting a client-side certificate to access my > student records at MIT. MIT is the only place I've ever seen to > require client-side certs for authentication, bless 'em. > > It took me 30 minutes to establish a client side certificate, just so > I could view a web page with my own data on it. *thirty minutes*. And > I know a lot about cryptography. How would someone who'd never heard > of a public key do? This was on Netscape 4.0 on Linux. Maybe MSIE > things have improved since then, but I doubt it. (Anyone know?)
I've never found it particularly hard to generate a client cert in either Netscape or IE - but the time consuming part is the meatspace component - verifying your identity to the CA/RA so they'll sign the certificate. Of course, going through all of this to access a single page is silly. The two useful aspect of client certs (IMNSHO) are firstly that they allow single sign-on with access control in a way that does not require all systems to communicate with some central authority and secondly they give a way to bind an identity (or simply a set of permissions/privileges/capabilities/whatevers) to a private key. Of course, if your threat model means you must check a certificate's validity immediately, then the first advantage is mostly gone. However, you almost always need the second property, AFAICS, to do anything useful with PKC. If you have some kind of entity that binds a private key to some other stuff, then that is a certificate, IMO. Equating certificates with X.509 is missing the point. As for the "certificateless" model - all this really does is move the binding from something you can carry around with you to something that has to be done by a central authority. It is not clear to me why this is such a marvellous improvement. Unless you happen to want to own the central authority, of course, which, unlike certificates and CAs, is far harder to replicate privately and therefore, presumably, potentially even more profitable than Verisign's cash cow. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]