Dave S, I wish that you would read the entire message and maybe clear
your system of a bit of the current X.509 FUD kool-aid.  This is
"person to his own server at home".  This does not require any kind of
third-party reference (asking someone else to introduce your computer
to you?  That's a waste...), and thus does not need a certificate from
a CA from the list included in the iPhone's Keychain.

Adding a certificate to the iPhone's Keychain is... difficult at best,
and almost impossible at worst.  Removing a certificate from the
iPhone's Keychain... well, you have to pay $99 and compile the example
Keychain.app that they have the source for so you can put it on your
own phone and remove the certificates you don't want.

This is an SSH-like scenario (meaning, the subject is already known to
the principal, who has made a choice to use the services provided by
that subject).  Instead of trying to display the contents of a
self-signed webserver certificate, the only thing that you can really
truly verify is the public key contained in the certificate.  The
piece you're looking for to display is the subjectKeyIdentifier, which
"should be the hash of the public key".  This is basically what SSH
displays to its users.

You can cache the sKI the same way SSH does with its known_hosts file:
hostname, publickeytype, publickey.  If the key hasn't changed, no
need to bug the user; if the key HAS changed, then you need to alert
the user and ask for an override -- perhaps a multitouch gesture to
signal that the user knows that the key's changed, and if the user
didn't change the key himself and hasn't been told by the homebox
admin (which is not necessarily the user, it might be the user's
husband or child or wife or -- if the adage is correct -- maybe even
the family dog) that the key's changed that he shouldn't connect.

-Kyle H
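An added example (not code from this thread or from the app under discussion) of the SSH-style cache Kyle describes above, and of David's "cache the server name along with a secure hash of the public key" below, in Python. It pins the SHA-256 of the certificate's DER SubjectPublicKeyInfo rather than the subjectKeyIdentifier extension, because that extension is optional and only a self-declared value, whereas the SPKI is the key the TLS handshake actually uses; the DER walker, the `KnownHosts` class and the structurally valid dummy certificates are my own assumptions, not real keys.

```python
import hashlib, hmac

def _tlv(buf, off):
    # Decode one DER TLV header at buf[off]; return (tag, value_start, value_end).
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                            # long form: low bits give the length's size
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, off, off + length

def extract_spki(cert_der):
    # Walk Certificate -> tbsCertificate -> [version] serial sigAlg issuer validity subject SPKI.
    _, off, _ = _tlv(cert_der, 0)                # into the outer Certificate SEQUENCE
    _, off, _ = _tlv(cert_der, off)              # into tbsCertificate
    skip = 6 if _tlv(cert_der, off)[0] == 0xA0 else 5   # [0] EXPLICIT version is optional
    for _ in range(skip):                        # ..., serialNumber, signature, issuer, validity, subject
        _, _, off = _tlv(cert_der, off)
    _, _, end = _tlv(cert_der, off)
    return cert_der[off:end]

def spki_pin(cert_der):
    return hashlib.sha256(extract_spki(cert_der)).hexdigest()   # the "hash of the public key"

class KnownHosts:
    # hostname -> pin with SSH known_hosts semantics: trust on first use, alarm on change.
    def __init__(self):
        self.pins = {}

    def check(self, hostname, cert_der, override=False):
        pin, known = spki_pin(cert_der), self.pins.get(hostname)
        if known is None or override:            # first contact, or the user confirmed the change
            self.pins[hostname] = pin
            return "NEW" if known is None else "REPLACED"   # show the pin for out-of-band comparison
        if hmac.compare_digest(known, pin):
            return "OK"                          # same key as last time: no need to bother the user
        return "CHANGED"                         # refuse; only an explicit override replaces the pin

def _der(tag, body):
    # Minimal DER encoder for the constructed sample certificates below.
    n, lb = len(body), len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return (bytes([tag, n]) if n < 0x80 else bytes([tag, 0x80 | len(lb)]) + lb) + body

def sample_cert(key_bytes):
    # Constructed dummy: structurally valid X.509 whose SPKI carries key_bytes (not a real key).
    alg = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d010101")) + _der(0x05, b""))
    spki = _der(0x30, alg + _der(0x03, b"\x00" + key_bytes))
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")) + _der(0x02, b"\x01") + alg + _der(0x30, b"")
               + _der(0x30, _der(0x17, b"090814000000Z") * 2) + _der(0x30, b"") + spki)
    return _der(0x30, tbs + alg + _der(0x03, b"\x00" + b"\xaa" * 8))
```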

On Fri, Aug 14, 2009 at 12:41 PM, David Schwartz <dav...@webmaster.com> wrote:
>
> Chase Douglas wrote:
>
>> I am developing an iPhone app that will incorporate SSL for encryption
>> of network communication. The encrypted connection will be between
>> average users and their home servers. Most of the time I envision
>> people having SSL certificates that cannot be validated with the
>> default iPhone root certificates. When this occurs, I would like to
>> show a screen with information from the certificate so people can
>> manually verify that it matches the certificate of their home server.
>>
>> Given the screen real estate of a mobile device, what information
>> would you present to the user, and what would you leave out? I am
>> thinking of presenting just the issuer, subject, validity time frame,
>> and signature, leaving out things like serial number, signature and
>> key algorithms, and the public key itself. Is this reasonable?
>
> Others might disagree, but IMO, if you don't check the public key or a hash
> of the certificate, and the certificate isn't issued by a CA, no matter what
> you do, all you will get is 100% protection from passive interception and 0%
> active interception.
>
> Displaying the issuer, subject, validity time frame, algorithms, and the
> like does nothing but give the user a warm, fuzzy feeling. It in no way
> increases security. You can certainly still display it, because warm, fuzzy
> feelings are nice.
>
> If you want protection against active interception, you must validate the
> public key, certificate signature, or have a certificate issued by a trusted
> CA. You need do nothing but use SSL to protect against passive interception.
>
> You can do what SSH does. If you can cache the server name along with a
> secure hash of the public key, you can at least prevent someone from an
> active attack on a server you have previously used. That way, even for
> complete security, you need only compare the key thumbprints once, which you
> can do while you install the server on your home computer.
>
> DS
>
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-us...@openssl.org
> Automated List Manager                           majord...@openssl.org
>