On Mon, Jul 13, 2015 at 01:03:09PM -0400, Colin Edwards wrote: > I've been reading/hearing different opinions on the recent vulnerability > for cert chain forging that was patched (CVE-2015-1793). > > Some people are saying the vulnerability only exists if a system is using > certificate-based client authentication (mutual auth, where both server and > client are authenticated). `Basically, that the chain forging can only be > done on the client side. > > Others are saying certs can be forged on the server, on implementations > that use only server-side authentication, and if the client is using > OpenSSL it will verify/accept the forged chain. The could effectively > result in MitM against OpenSSL clients. It's whenever a certificate is received (and validated). This means either: - A client is authenticating a server (server authentication) - A server is authenticating a client (client authentication) Of course both could be happening for the same connection. It's much more common that the client authenticates the server. Certainly for https client authentication is uncommon. Also, for https the client ussually isn't OpenSSL based, except for android. Kurt
