Shishi and Ca certificate

help-shishi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Shishi and Ca certificate

From:	Alberto Fondi
Subject:	Shishi and Ca certificate
Date:	Tue, 09 Jan 2007 16:47:26 +0100
User-agent:	Mozilla Thunderbird 1.5.0.9 (Windows/20061207)

Hi group,

i have a question. When i start shishid with gnutls to supportauthentication with certificates i must provide the paths for shishidcertificate, its private key and the ca certificate. But shishi, (theclient) looks for only his certificate and private key and not for theCA certificate. In this way the client can autheticate torward the KDC,the KDC torward the client, but while the KDC can verify that the clientcertificate was issued by a valid CA, the client can't!


Is it correct ?
Can the client be exposed to impesonification of KDC attack?

If it is wrong can you explain me please?

Alberto

[Prev in Thread]

Current Thread

[Next in Thread]

Shishi and Ca certificate, Alberto Fondi <=
- Re: Shishi and Ca certificate, Simon Josefsson, 2007/01/12

Next by Date: Re: Shishi and Ca certificate
Next by thread: Re: Shishi and Ca certificate
Index(es):
- Date
- Thread