[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] [iaik-ssl] Hw to do client authentication only?



Hi Gerald,

the server can force the client to authenticate.
And it is already so in JacORB, see in SSLSetup.java:

            defaultSSLServerContext.setRequestClientCertificate ( true );

The server will always authenticate himself in IAIK implementation.
But this is not required by the SSL specs.

Regards, André

On Wed, 06 Sep 2000 13:41:35 +0200, Gerald Brose wrote:

>Is it possible to set up SSL such that only the client
>is authenticated, i.e. that only clients but not servers
>need to provide certificates?
>
>Setting the cipher suite to allow DH_anon does not work
>because in this case the client cannot be authenticated.
>
>Thanks, Gerald Brose.
>--
>Gerald Brose,                       Mail:       brose@inf.fu-berlin.de
>FU Berlin        (for PGP key see:) http://www.inf.fu-berlin.de/~brose
>Institut f. Informatik              Ph-one:        (++49-30) 838-75112
>Berlin, Germany                     Ph-ax:         (++49-30) 838-75109
>--
>Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
>
>To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl
>



--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce


***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: "=?iso-8859-1?q?Andr=E9_Benvenuti?=" <dedeben@freesurf.ch>      *
*   Date: Wed, 06 Sep 2000 15:11:50 +0200                                 *
*   Subject: Re: [iaik-jce] [iaik-ssl] Hw to do client authentication only?*
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   no                                                *
*   Signature valid:    n/a                                               *
*   Signature trusted   n/a                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *:                           *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature not required)               *
*                                                                         *
***************************************************************************