> This is what I'm trying to prevent. After shake-hand and authentication
> by SSL, it is still not safe enough. Because other people and I share
> some common secrets (key and certificate), but if secrets are compromised,
> (I know that people don't like this idea of losing key, but it happened
> before and will happen in the future) then I'm in trouble. My question
> is: can we find a solution to such a scenario? Such as application level
> authentication.

If the keys to my car are stolen, can I find a way to keep someone from driving it?

1) put an additional lock on the car

   i.e. add some application-level authentication. Of course, this is recursive - what if the bad guy gets these keys too? He got the first one, he can probably get the other ones too.

2) change the lock

   i.e. once you know someone stole your key, you generate a new one and have a CRL issued for the old one so it's no good any more.

While you could add more and more #1 above to add security, the fact that they're getting any of your keys indicates you are doing a piss poor job of securing your machine and you're probably going to be building in application-level authentication poorly too.

SSL relies on having everything about the algorithm public with the exception of one thing: the private keys. Deal with it - the private key must be private, or the game is lost. This is a definition, it cannot be changed.

Security in depth is good, so feel free to layer on other controls if it makes you feel better. However if they got the key, then either

  they have access to your machine on which it resides
    thus they could simply query the data right from your database, insert a kernel module to capture all data, etc.

  they were given the key by someone inside your organization
    thus if you change the key, they'll get that one too

Protecting the private key is your most important task. Period.

Doesn't this make sense?

--
Brian Hatch
Systems and Security Engineer
http://www.ifokr.org/bri/

It compiles! Let's ship it! -- the Microsoft motto

Every message PGP signed
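Option 2 in the reply above (replace the key and have a CRL issued for the old certificate), as an added example that is not part of the original message. It builds a throwaway CA with the `openssl` command line; the CA name, host name and file names are constructed for the demonstration.

```shell
# Added example; "Demo CA", "server.example" and all file names are constructed.
# Prints three verdicts for the server certificate: before revocation,
# after revocation without CRL checking, after revocation with CRL checking.
revocation_demo() (
  d=$(mktemp -d) && cd "$d" || exit 1
  trap 'rm -rf "$d"' EXIT
  mkdir ca && : > ca/index.txt && echo 01 > ca/serial
  cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
[ v3_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ ca ]
default_ca = demo
[ demo ]
database = ./ca/index.txt
new_certs_dir = ./ca
serial = ./ca/serial
certificate = ./ca.crt
private_key = ./ca.key
default_md = sha256
default_days = 30
default_crl_days = 7
policy = pol
[ pol ]
commonName = supplied
EOF
  q() { "$@" >/dev/null 2>&1; }   # run a command quietly
  check() {                        # verdict for srv.crt: ok / revoked / error
    out=$(openssl verify -CAfile ca.crt "$@" srv.crt 2>&1)
    case $out in
      *"certificate revoked"*) echo revoked ;;
      *": OK"*) echo ok ;;
      *) echo error ;;
    esac
  }
  q openssl req -x509 -config ca.cnf -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt -subj "/CN=Demo CA" -days 30 || exit 1
  q openssl req -new -config ca.cnf -newkey rsa:2048 -nodes -keyout srv.key -out srv.csr -subj "/CN=server.example" || exit 1
  q openssl ca -batch -config ca.cnf -in srv.csr -out srv.crt || exit 1   # issue the server cert
  q openssl ca -config ca.cnf -gencrl -out crl.pem || exit 1              # empty CRL
  before=$(check -crl_check -CRLfile crl.pem)
  q openssl ca -config ca.cnf -revoke srv.crt -crl_reason keyCompromise || exit 1
  q openssl ca -config ca.cnf -gencrl -out crl.pem || exit 1              # CRL now lists srv.crt
  echo "$before $(check) $(check -crl_check -CRLfile crl.pem)"
)
revocation_demo
```

The middle verdict is the one to watch: a relying party that does not load the current CRL and enable revocation checking still accepts the revoked certificate.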