On Mon, Sep 23, 2013 at 11:27:06AM -0400, Salz, Rich wrote:

> > Note, the above is for enforcing STARTTLS on the server. If the
> > decision is left to the client, the configuration is less opaque.
>
> And less secure. :)
>
> If policy is to use SSL/TLS, then the server must enforce it;
> trusting the clients to do the right thing is bad.

Assuming the policy is a server policy. In general those enforcing TLS
security on the server side live in a state of sin, since while the client
may go through the motions of doing TLS, nobody can force it to verify the
server certificate. To address active attacks, TLS security requires a
cooperative client.

If the server is trying to protect login credentials against passive
intercept, it can restrict access to TLS clients only, but without a
zero-knowledge password mechanism that supports channel binding, the server
is still at the mercy of the client's willingness to do *authenticated* TLS.

-- 
	Viktor.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
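The split of responsibilities described in the reply, modelled in a short Python example (added here; not code from the thread or from OpenSSL). The server side can refuse AUTH until STARTTLS has completed, but it cannot observe whether the client verified its certificate; only the client's own SSLContext policy decides whether the channel is authenticated before a password goes over it. The EHLO responses below are constructed, and the policy functions are hypothetical helpers, not any mail software's API.

```python
"""Who can enforce what with STARTTLS: server-side TLS-before-AUTH versus
client-side certificate verification (added example)."""
import ssl

# Constructed EHLO responses, as a client would read them after EHLO.
# Not captured from a real server.
EHLO_WITH_STARTTLS = [
    "250-mail.example.test Hello client",
    "250-STARTTLS",
    "250 AUTH PLAIN LOGIN",
]
EHLO_WITHOUT_STARTTLS = [
    "250-mail.example.test Hello client",
    "250 AUTH PLAIN LOGIN",
]


def starttls_offered(ehlo_lines):
    """True if the EHLO response advertises STARTTLS (RFC 3207 keyword)."""
    # Each line is "250-<keyword ...>" or "250 <keyword ...>"; strip the code.
    return any(line[4:].strip().upper() == "STARTTLS" for line in ehlo_lines)


def server_auth_allowed(tls_active):
    """Server-side enforcement (hypothetical policy hook): accept AUTH only
    once TLS is active on the session.

    This is the server's only lever.  Whether the client verified the
    certificate is invisible to it, so this protects credentials against
    passive interception only.
    """
    return tls_active


def make_client_context(authenticated):
    """Build a client SSLContext.

    authenticated=True  -> CERT_REQUIRED plus hostname check (stdlib default)
    authenticated=False -> opportunistic TLS: encrypted but unauthenticated,
                           which is what a non-cooperative client does
    """
    ctx = ssl.create_default_context()
    if not authenticated:
        # check_hostname must be cleared before verify_mode can be CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def channel_is_authenticated(ctx):
    """The property the server cannot check: does the client verify the
    peer certificate and bind it to the expected hostname?"""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def client_may_send_credentials(ehlo_lines, ctx):
    """Client-side policy (hypothetical): release a password only over an
    authenticated TLS channel.  Returns (decision, reason)."""
    if not starttls_offered(ehlo_lines):
        return False, "STARTTLS not offered"
    if not channel_is_authenticated(ctx):
        return False, "TLS would be unauthenticated (no certificate verification)"
    return True, "authenticated TLS"


if __name__ == "__main__":
    for name, ctx in (("verifying client", make_client_context(True)),
                      ("opportunistic client", make_client_context(False))):
        ok, why = client_may_send_credentials(EHLO_WITH_STARTTLS, ctx)
        print(f"{name}: send credentials={ok} ({why})")
```

The server-side check and the client-side check are deliberately separate functions: `server_auth_allowed` sees only whether TLS is up, while the decision that matters against an active attacker lives entirely in `client_may_send_credentials`, which the server cannot influence.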