Re: SSL handshake and client certificate
From: Pieter Philippaerts (Pieter_at_nospam.mentalis.org)
Date: 01/16/04
- Next message: Michel Gallant: "Re: SSL handshake and client certificate"
- Previous message: Otto Von RIx: "Confused about TokenSessionId howto"
- In reply to: Tester: "SSL handshake and client certificate"
- Next in thread: Michel Gallant: "Re: SSL handshake and client certificate"
- Reply: Michel Gallant: "Re: SSL handshake and client certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 16 Jan 2004 18:47:55 +0100
"Tester" <test> wrote in message
> Could someone tell me if private key of the client certificate is involved
> during the SSL handshake with a server? Server asks for renegotiation with
> client authentication over already established SSL connection, will
private
> key of the client certificate be used to derive new session key during
> rehandshake?
It will not be used to derive a session key, but the client must sign a hash
of all the handshake messages with it [so that the server can verify that
the client really has access to the private key]. So yes, the private key of
the client certificate will be used during the negotiation.
Regards,
Pieter Philippaerts
SSL/TLS for .NET: http://mentalis.org/go.php?sl
- Next message: Michel Gallant: "Re: SSL handshake and client certificate"
- Previous message: Otto Von RIx: "Confused about TokenSessionId howto"
- In reply to: Tester: "SSL handshake and client certificate"
- Next in thread: Michel Gallant: "Re: SSL handshake and client certificate"
- Reply: Michel Gallant: "Re: SSL handshake and client certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
