At 17:52 +0000 2003/01/08, Matt Bernstein wrote:
>At 17:20 -0000 Giuliano Gavazzi wrote:
>
>>>Great! This will help with my AUTH EXTERNAL idea:
>>>
>>>The server can advertise the EXTERNAL mechanism (using the plaintext
>>>authenticator) iff it has successfully verified a client certificate.
>>
>>wow, you *are* strict! You verify a client certificate *and* require
>>authentication. Or perhaps you did not mean client certificate?
>
>Not quite--iff the client cert verifies, the client can issue "AUTH
>EXTERNAL" with an optional username (=CN of the client cert IIRC) but no
>password.
>
>It's relatively cosmetic, allowing "P=asmtp A=external:my.client.cert" in
>your logs so something which might otherwise look like unwanted relaying
>is explicable.
>
So, if I understand well, presumably you have a "fake" CA root
certificate with which you sign a number of client certs that you
then distribute to your users. (I wrote "fake" because I do believe
that Verisign and company are not to be trusted more than you and me.
Have you read the one about Verisign giving two Microsoft code
signing certs to some impostor? Microsoft and Verisign, two fine
companies...)
This is good but also restricts the choice of client software, unless
these users are only other servers...
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
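As an added illustration of the behaviour Matt describes above (this is not code from the thread or from Exim), a small Python model of the server side: EXTERNAL is offered only when the TLS layer verified a client certificate, and "AUTH EXTERNAL" succeeds when the optional authorization identity is empty or equals the certificate's CN. The certificate dict, mechanism list and reply texts are constructed assumptions; the cert dict follows the shape Python's ssl.SSLSocket.getpeercert() returns.

```python
import base64

# Constructed sample: what getpeercert() yields after a verified TLS handshake.
VERIFIED_CLIENT_CERT = {
    "subject": ((("commonName", "my.client.cert"),),),
    "issuer": ((("commonName", "Example Private CA"),),),  # the site's own CA
}


def advertised_mechanisms(peer_cert):
    """Mechanisms listed in the EHLO response; EXTERNAL only with a verified cert."""
    mechs = ["PLAIN", "LOGIN"]  # assumed baseline offered to every TLS client
    if peer_cert:
        mechs.append("EXTERNAL")
    return mechs


def cert_common_name(peer_cert):
    """Extract the subject CN from a getpeercert()-style dict, or None."""
    for rdn in (peer_cert or {}).get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def handle_auth_external(peer_cert, argument):
    """Reply to 'AUTH EXTERNAL [initial-response]' (RFC 4954 syntax).

    argument is the base64 text after the mechanism name, '=' for an explicit
    empty response, or None when the client sent no initial response.
    Returns (smtp_reply, authenticated_id_or_None)."""
    cn = cert_common_name(peer_cert)
    if cn is None:
        return "504 5.5.4 EXTERNAL not available: no verified client certificate", None
    if argument is None:
        return "334 ", None  # empty challenge: ask for the authorization identity
    if argument == "=":
        authzid = ""
    else:
        try:
            authzid = base64.b64decode(argument, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            return "501 5.5.2 Invalid base64 data", None
    # An empty authzid means "use the identity from the certificate"; anything
    # else must match the CN, otherwise a relaying client could pick a name freely.
    if authzid in ("", cn):
        return "235 2.7.0 Authentication succeeded", cn
    return "535 5.7.8 Authentication credentials invalid", None


if __name__ == "__main__":
    print(advertised_mechanisms(VERIFIED_CLIENT_CERT))
    reply, who = handle_auth_external(VERIFIED_CLIENT_CERT, "=")
    print(reply, "-> log fragment: P=asmtp A=external:%s" % who)
```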