supporting out-of-process certificate validation
Simon Josefsson
simon at josefsson.org
Wed Nov 12 09:27:56 CET 2008
Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
> On Tue 2008-11-11 10:51:45 -0500, Simon Josefsson wrote:
>
>> Generally, I don't think X.509 validation belongs in the same
>> process as a TLS client or server -- it is complex and mistakes will
>> happen, it is better to put all X.509 handling (including private
>> key handling) in a separate process.
>
> This sounds like a good thing to me. Do we have a clear API or
> inter-process protocol for these functions?
This sounds like a good idea to flesh out on our wiki; I've created a
starting pointer:
http://redmine.josefsson.org/wiki/gnutls/GnuTLSExternalValidation
> I quite like (and use daily) OpenSSH's ssh-agent model for
> out-of-process handling of private keys [0]. I'd love to see that
> used (or extended if the data types are incompatible) to be able to
> work with TLS connections. Then a single backend agent could be used
> for both SSH and TLS connections.
I like this model too.
> I'd be very interested in helping to flesh out what communications
> primitives this kind of a spec should involve, particularly if it
> allows people to substitute different validation models depending on
> personal preference, and to share validation models across
> applications.
>
> If anyone else is working on such a spec, I'd love to hear about it.
Let's start discussing it.
I think we can share many ideas and even code from GnuPG 2.x, so it
would be useful if people familiar with that code helped us here. (Hi
Werner. :))
/Simon