[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Shishi and Ca certificate

From: Alberto Fondi
Subject: Shishi and Ca certificate
Date: Tue, 09 Jan 2007 16:47:26 +0100
User-agent: Mozilla Thunderbird (Windows/20061207)

Hi group,

i have a question. When i start shishid with gnutls to support authentication with certificates i must provide the paths for shishid certificate, its private key and the ca certificate. But shishi, (the client) looks for only his certificate and private key and not for the CA certificate. In this way the client can autheticate torward the KDC, the KDC torward the client, but while the KDC can verify that the client certificate was issued by a valid CA, the client can't!

Is it correct ?
Can the client be exposed to impesonification of KDC attack?

If it is wrong can you explain me please?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]