> Storing some fingerprint of a certificate or public key locally
> in some trusted place (such as a local file system) seems to be
> quite secure (should be the same level as having a CA's root
> certificate in a file), however, I'm not sure if this works with
> OpenSSL which seems to expect to be able to verify the whole
> certificate chain up to the root certificate even if intermediate
> certificates are locally available. As far as I know /
> understood - please correct me if I'm wrong!
Remember, he's using his own server and client code. So he can disable certificate checking in OpenSSL and do his own.

There are several ways to do this, but one that I've used a few times works like this:

The server can use any key/certificate at all to establish the SSL connection. It doesn't matter. (Self-signed, issued by CA, persistent, temporary, makes no difference.) Set OpenSSL to accept self-signed certificates and not to check the name.

After the SSL session is established but before any important data is exchanged, perform your own verification step that meets your own security requirements. Make certain that the verification includes data from the SSL handshake to prevent a MITM from substituting his own SSL session but passing the second level authentication. (SSL_get_finished/SSL_get_peer_finished)

In this second step of verification, you can exchange public keys, certificates, challenges, responses, and so on. Each side can verify what it is talking to on the other side by whatever mechanism you want.

Again, the only serious potential gotcha is a MITM who might replace the single SSL session with his two (one to each end) and proxy the second step and then take over or monitor the data connection. Ensuring that each side's SSL_get_finished matches the other side's SSL_get_peer_finished should be sufficient to prevent this. (Include these in the signed objects you exchange.)

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
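The binding DS describes, worked through as an added example that is not part of this thread: the second-step authentication token covers both Finished values, so a token produced inside one TLS session is rejected when relayed into another. It assumes an HMAC with a pinned key as a stand-in for a signature with the pinned key pair, and the Finished values are constructed random bytes standing in for what SSL_get_finished()/SSL_get_peer_finished() return on a live SSL object.

```python
import hashlib
import hmac
import secrets


def fake_session():
    """Constructed (client_finished, server_finished) for one simulated TLS session.
    In real code both values come from SSL_get_finished()/SSL_get_peer_finished()."""
    return secrets.token_bytes(12), secrets.token_bytes(12)


def transcript(own_finished, peer_finished, challenge):
    """Data the second-step token must cover: both Finished messages plus the challenge."""
    return b"tls-bind|" + own_finished + b"|" + peer_finished + b"|" + challenge


def make_token(auth_key, own_finished, peer_finished, challenge):
    """Sender side. HMAC with a pinned key stands in for a signature here (assumption)."""
    msg = transcript(own_finished, peer_finished, challenge)
    return hmac.new(auth_key, msg, hashlib.sha256).digest()


def verify_token(auth_key, token, my_finished, peers_finished, challenge):
    """Receiver side. The sender's own Finished is my peer Finished and vice versa,
    so the order is swapped before recomputing; a mismatch means a different session."""
    expected = make_token(auth_key, peers_finished, my_finished, challenge)
    return hmac.compare_digest(token, expected)


def direct_session_ok(auth_key):
    """Client and server share one TLS session: the token must verify."""
    client_fin, server_fin = fake_session()
    challenge = secrets.token_bytes(16)
    token = make_token(auth_key, client_fin, server_fin, challenge)
    return verify_token(auth_key, token, server_fin, client_fin, challenge)


def relayed_session_ok(auth_key):
    """A MITM terminates two separate TLS sessions and forwards the client's token
    unchanged. The server's Finished values belong to the second session, so
    verification must fail even though the token itself is genuine."""
    c_fin_a, s_fin_a = fake_session()  # client <-> interceptor
    c_fin_b, s_fin_b = fake_session()  # interceptor <-> server
    challenge = secrets.token_bytes(16)
    token = make_token(auth_key, c_fin_a, s_fin_a, challenge)
    return verify_token(auth_key, token, s_fin_b, c_fin_b, challenge)
```

With the Finished values left out of the transcript, relayed_session_ok() would return True, which is exactly the gap DS warns about.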