The server should send all of the certs which make up the chain but not the root cert. If the root certs is sent, the client must ignore it for purposes of validation of the chain.
Microsoft used to distribute Intermediate certs as part of Windows and this resulted in the expectation that clients should have the intermediate certs installed on their machines. Intermediate certs expire more frequently then root certs. The administrators of the servers have a relationship with the issuers of the intermediate certs; the clients do not. Therefore, the server administrators can more easily update the intermediate certs when needed. Inclusion of the intermediate certs on the client requires the administrator of the client to remove the old intermediate cert and replace it with the new one. In practice, this will never happen in most cases because most clients do not have administrators.
Jeffrey Altman
Jason Keltz wrote:
Hi.
I have a question with respect to SSL protocol. Is it part of the protocol that the SSL server send to the client the public keys for the CAs making up the certificate chain? or is it acceptable to send just the server public key and expect the client to complete the chain on its own?
I can demonstrate with two examples... assume a multi-level certificate chain -- Root CA -> Intermediate CA -> server
I have two programs -- Apache httpd, and uw-imapd, and both operate differently in this respect. In terms of uw-imapd, the client connecting (Thunderbird 0.8) knew about the Root CA and not the intermediate CA. Thunderbird 0.8 was unable to verify the chain, so an SSL connection could not be made. However, placing the public key of the Intermediate CA in the key file for the server made the problem go away.
In terms of Apache and running say Opera as a web client -- if the web client doesn't know about the intermediate CA, the server sends the information, and the client trusts the information without a word to the user. If the Root CA certificate is deleted from the client, the server sends both the Root CA public key and the intermediate CA public key, Opera prompts the user letting them know that it doesn't know about any of the 3 components and asking the user if he would like to trust the CAs. The fact that the client even knows about the Root CA means that the server is sending the whole chain along.
I'm not writing to ask about either of these programs (Apache/uw-imapd) because that is obviously discussion for a different list. What I'm wondering about is the protocol in general -- should the server send the whole path, or not? Is there a standard?
Thanks for any information you can provide..
Jason Keltz [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature