On Sat, Nov 20, 2021 at 11:57:59AM +0000, John Mattsson wrote:

> - In some applications using mutually authenticated TLS, e.g., between
> nodes in 5G core networks or in mesh networks there is basically no
> difference between the client and the server. It would be very good if
> the document states that for such use cases the recommendations apply
> also for the client certificate.
There is always a difference between the client and server in any context where a server is not dedicated to just a single client known in advance. That difference is that the client knows in advance which peer it wants to connect to, and checks that that's the case; while the server learns an identity of the client that connected to it, but since it did not expect any particular client, there is rarely such a thing as finding the "wrong" identity on the client end of the connection. The client is simply (modulo key or CA compromise) whoever its certificate says it is.

Thus server identities are for session integrity, confidentiality, ... while client identities are for authorisation. The asymmetry is fundamental, and "mutual TLS" does not create a symmetric role for the client.

--
	Viktor.

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
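The asymmetry Viktor describes, shown as an added example that is not part of this thread and not anyone's production code: a mutually authenticated TLS 1.3 handshake over loopback in Go, where the client pins the server name it set out to reach (identity check) and the server, expecting nobody in particular, verifies whoever shows up against the CA and then consults an allow-list (authorisation). The toy CA, the node names (`node-a.mesh.example`, `node-b.mesh.example`, `node-c.mesh.example`) and the allow-list are all constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// mustIssue mints a P-256 certificate for name: a self-signed toy CA when parent is
// nil, otherwise a leaf signed by parent. Panics on failure, test-helper style.
func mustIssue(name string, parent *tls.Certificate) tls.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: name},
		DNSNames:              []string{name}, // Go matches ServerName against SANs only
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		BasicConstraintsValid: true,
	}
	signer, signerKey := tmpl, any(key)
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage, tmpl.ExtKeyUsage = true, x509.KeyUsageCertSign, nil
	} else {
		signer, signerKey = parent.Leaf, parent.PrivateKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// RunHandshake mints a toy CA plus one leaf per side (constructed credentials, not
// real ones), connects over loopback TCP and reports what each side concluded:
// clientErr is what the client saw (a server that is not the peer it set out for, or
// the server's rejection alert), serverErr is the server's verdict on whoever
// connected, greeting is the application data the client received.
func RunHandshake(serverName, clientName, expectedServer string, allowed map[string]bool) (greeting string, clientErr, serverErr error) {
	ca := mustIssue("mesh-example-ca", nil)
	roots := x509.NewCertPool()
	roots.AddCert(ca.Leaf)
	// Server side: it expects no particular client, so it authenticates whoever
	// shows up against the CA and then asks policy whether that identity may proceed.
	srvCfg := &tls.Config{
		MinVersion:   tls.VersionTLS13,
		Certificates: []tls.Certificate{mustIssue(serverName, &ca)},
		ClientAuth:   tls.RequireAndVerifyClientCert,
		ClientCAs:    roots,
		VerifyPeerCertificate: func(_ [][]byte, chains [][]*x509.Certificate) error {
			id := chains[0][0].Subject.CommonName // the name the CA vouched for
			if !allowed[id] {
				return fmt.Errorf("client %q authenticated but not authorized", id)
			}
			return nil
		},
	}
	// Client side: it decided in advance which peer it wants and pins that name;
	// a perfectly valid certificate for any other name fails the handshake.
	cliCfg := &tls.Config{
		MinVersion:   tls.VersionTLS13,
		Certificates: []tls.Certificate{mustIssue(clientName, &ca)},
		RootCAs:      roots,
		ServerName:   expectedServer,
	}
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", err, err
	}
	defer ln.Close()
	done := make(chan error, 1)
	go func() {
		raw, err := ln.Accept()
		if err == nil {
			s := tls.Server(raw, srvCfg)
			defer s.Close()
			if err = s.Handshake(); err == nil {
				_, err = s.Write([]byte("ok\n"))
			}
		}
		done <- err
	}()
	raw, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return "", err, err
	}
	c := tls.Client(raw, cliCfg)
	defer c.Close()
	if clientErr = c.Handshake(); clientErr == nil {
		// TLS 1.3: the client's handshake completes before the server has judged the
		// client certificate, so a policy rejection only surfaces on the first read.
		buf := make([]byte, 16)
		if n, readErr := c.Read(buf); readErr != nil {
			clientErr = readErr
		} else {
			greeting = string(buf[:n])
		}
	}
	return greeting, clientErr, <-done
}
```

Three runs make the point: with the client expecting `node-a` and `node-b` on the allow-list the handshake succeeds; with the client expecting `node-c` the client aborts even though `node-a` presented a perfectly valid certificate (a wrong identity exists only on the client's side); with `node-b` removed from the allow-list the server authenticates it and then refuses it, which is authorisation, not a failed identity check.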