supporting out-of-process certificate validation
simon at josefsson.org
Wed Nov 12 09:27:56 CET 2008
Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
> On Tue 2008-11-11 10:51:45 -0500, Simon Josefsson wrote:
>> Generally, I don't think X.509 validation belongs in the same
>> process as a TLS client or server -- it is complex and mistakes will
>> happen, it is better to put all X.509 handling (including private
>> key handling) in a separate process.
> This sounds like a good thing to me. Do we have a clear API or
> inter-process protocol for these functions?
This sounds like a good idea to flesh out on our wiki, I've created a
> I quite like (and use daily) OpenSSH's ssh-agent model for
> out-of-process handling of private keys. I'd love to see that
> used (or extended if the data types are incompatible) to be able to
> work with TLS connections. Then a single backend agent could be used
> for both SSH and TLS connections.
I like this model too.
> I'd be very interested in helping to flesh out what communications
> primitives this kind of a spec should involve, particularly if it
> allows people to substitute different validation models depending on
> personal preference, and to share validation models across
> If anyone else is working on such a spec, i'd love to hear about it.
Let's start discussing it.
I think we can share many ideas and even code from GnuPG 2.x, so it
would be useful if people familiar with that code helped us here. (Hi
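The architecture under discussion, a TLS process that never holds the key and an agent process that never hands it out, can be sketched in a few dozen lines. The following is an added illustration for this archive page, not code from this thread, from GnuTLS or from GnuPG: the secret, the Unix socketpair transport, the newline-delimited JSON framing and the `sign`/`verify`/`export`/`quit` operations are all constructed here, and HMAC-SHA256 stands in for a real private-key signature so the example runs on the standard library alone.

```python
"""Toy out-of-process key agent: the secret lives only in the agent process."""
import hashlib
import hmac
import json
import multiprocessing
import socket

# Constructed demo secret. A real agent would load a private key from disk or
# hardware; HMAC-SHA256 stands in for a signature primitive so this runs with
# the standard library only.
AGENT_SECRET = b"constructed-demo-secret-not-for-real-use"


def handle_request(req):
    """Agent-side dispatch: sign or verify, but never hand out the key."""
    op = req.get("op")
    if op == "sign":
        msg = bytes.fromhex(req["msg"])
        return {"ok": True, "sig": hmac.new(AGENT_SECRET, msg, hashlib.sha256).hexdigest()}
    if op == "verify":
        msg = bytes.fromhex(req["msg"])
        expected = hmac.new(AGENT_SECRET, msg, hashlib.sha256).hexdigest()
        return {"ok": True, "valid": hmac.compare_digest(expected, req["sig"])}
    if op == "export":
        # The point of the process split: a compromised client can ask, but the
        # agent refuses. No code path in this module returns AGENT_SECRET.
        return {"ok": False, "error": "key export refused"}
    if op == "quit":
        return {"ok": True}
    return {"ok": False, "error": "unknown op"}


def agent_main(sock):
    """Runs in the child process; speaks newline-delimited JSON over the socket."""
    with sock, sock.makefile("rb") as rd:
        for line in rd:
            req = json.loads(line)
            sock.sendall(json.dumps(handle_request(req)).encode() + b"\n")
            if req.get("op") == "quit":
                break


class AgentClient:
    """Client side (the TLS process): holds a socket, never a key."""

    def __init__(self, sock):
        self._sock = sock
        self._rd = sock.makefile("rb")

    def _call(self, **req):
        self._sock.sendall(json.dumps(req).encode() + b"\n")
        return json.loads(self._rd.readline())

    def sign(self, msg):
        return self._call(op="sign", msg=msg.hex())

    def verify(self, msg, sig):
        return self._call(op="verify", msg=msg.hex(), sig=sig)

    def export_key(self):
        return self._call(op="export")

    def close(self):
        self._call(op="quit")
        self._rd.close()
        self._sock.close()


def run_demo():
    """Start the agent in a separate process and exercise it from a client."""
    methods = multiprocessing.get_all_start_methods()
    ctx = multiprocessing.get_context("fork" if "fork" in methods else methods[0])
    client_sock, agent_sock = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    agent = ctx.Process(target=agent_main, args=(agent_sock,))
    agent.start()
    agent_sock.close()  # only the agent process keeps its end

    client = AgentClient(client_sock)
    msg = b"constructed handshake transcript"  # constructed sample input
    sig = client.sign(msg)["sig"]
    result = {
        "valid": client.verify(msg, sig)["valid"],
        "tampered_valid": client.verify(msg + b"x", sig)["valid"],
        "export_refused": client.export_key()["ok"] is False,
    }
    client.close()
    agent.join(timeout=5)
    result["agent_exited_cleanly"] = agent.exitcode == 0
    return result


if __name__ == "__main__":
    print(run_demo())
```

The client only ever sees hex digests and booleans; an attacker who fully controls the client process can request signatures while the agent is running, which is the same residual risk ssh-agent accepts, but cannot read the key out, and a parsing bug on the client side cannot corrupt the agent's memory. The same socket boundary is where a certificate-validation request would go in the design proposed above.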