|
Replies:
2
-
Last Post:
Mar 26, 2009 4:17 PM
by: ernestojpg
|
|
|
|
|
|
|
Mutual Certificate Security without knowing the server's certificate
Posted:
Mar 26, 2009 3:46 PM
|
|
|
Hi everybody!
For 'Mutual Certificate Security' mechanism, the client needs to know the server's certificate. If the client doesn't know the server's certificate, would it be possible to use this mechanism?
It would be like a SSL handshake:
1) The client contacts with the server
2) Server responds with its X.509 certificate
3) The client authenticate certificate against list of know CAs.
Then, the client generates random symmetric key, and encrypts it using server's public key.
4) Client and server now both know the symmetric key and encrypt end-user data using symmetric key for duration of session.
Would it be possible with Metro?
Thanks in advance.
Ernesto J. Pérez
|
|
|
|
|
|
|
Re: Mutual Certificate Security without knowing the server's certificate
Posted:
Mar 26, 2009 4:17 PM
in response to: jdg6688
|
|
|
Ohh, what a pity!
And this mechanism is not planned yet, is it?
|
|
|
|
|
java.net RSS
