Semantics of SSL_get_peer_certificate() - and fingerprinting



by Kevin Easton


Hi,

I'm developing a client for a protocol where the public servers
that use SSL typically use self-signed certificates.

In order to make the best of a bad situation, I would like to  
implement "server key caching", similar to the way that SSH is  
typically used (that is, on the first connection to a given server,  
the client presents the user with the fingerprint of the public key  
that the server used; if the user accepts it, the public key is  
remembered by the client so that future connections to the same server  
can be verified).

To this end I have two questions:

1) Clearly in this case SSL_get_verify_result() is likely to indicate  
that the server certificate failed verification (because it was  
self-signed).  However, in this situation can I still assume that the  
public key from the certificate (obtained with  
SSL_get_peer_certificate()) was the public key that the server  
actually used to connect with me?

2) Is it cryptographically acceptable practice for the client to
remember (and use for future verification) just the SHA1 digest of the  
public key, rather than the public key in its entirety?

Thanks in advance,

     - Kevin


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@...
Automated List Manager                           majordomo@...
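As an added example (not part of Kevin's post and not OpenSSL project code), here is the SSH-style "server key caching" scheme the post describes, written against Python's standard library so it runs offline. The client hashes the server's DER-encoded SubjectPublicKeyInfo (SPKI), stores that digest per host the first time the user accepts it, and refuses later connections whose key digest differs. In Python, `getpeercert(binary_form=True)` returns the same DER certificate that `SSL_get_peer_certificate()` exposes in C, where the SPKI can be serialised with `i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), ...)`. Everything fed to the check here is constructed: the certificates are unsigned skeletons around made-up key bytes, the host names are hypothetical, and the pin store is an in-memory dict that a real client would persist. SHA-256 is used where the post asks about SHA-1; storing only a digest is fine as long as the hash is second-preimage resistant, because an attacker would have to produce a different key whose SPKI hashes to the stored value.

```python
"""TOFU pinning of a TLS server's public key via a digest of its SPKI (stdlib only)."""
import hashlib
import socket
import ssl
from typing import Callable, Dict, Iterator, Tuple


class PinMismatch(Exception):
    """Server key differs from the stored pin, or the user refused a first-seen key."""


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """(tag, value, next_pos) for the DER TLV at buf[pos]; handles long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _children(seq_value: bytes) -> Iterator[Tuple[int, bytes]]:
    pos = 0                                 # yields (tag, full encoding) of each element
    while pos < len(seq_value):
        tag, _, nxt = _read_tlv(seq_value, pos)
        yield tag, seq_value[pos:nxt]
        pos = nxt

def spki_from_der_cert(cert_der: bytes) -> bytes:
    """DER SubjectPublicKeyInfo of a DER X.509 certificate. Certificate ::= SEQ { tbs, sigAlg,
    sig }; TBS ::= SEQ { [0] version OPTIONAL, serial, sigAlg, issuer, validity, subject, SPKI, ...}"""
    tag, cert_body, _ = _read_tlv(cert_der, 0)
    tbs_tag, tbs_full = next(_children(cert_body))
    if tag != 0x30 or tbs_tag != 0x30:
        raise ValueError("not a DER certificate")
    fields = list(_children(_read_tlv(tbs_full, 0)[1]))
    if fields and fields[0][0] == 0xA0:     # [0] EXPLICIT version is absent in v1 certs
        fields = fields[1:]
    return fields[5][1]                     # serial, sigAlg, issuer, validity, subject, SPKI

def spki_fingerprint(cert_der: bytes) -> str:
    """SHA-256 of the SPKI: this digest, not the whole key, is what the store keeps."""
    return hashlib.sha256(spki_from_der_cert(cert_der)).hexdigest()


def check_pin(store: Dict[str, str], host: str, cert_der: bytes,
              accept_new: Callable[[str, str], bool]) -> str:
    """'new' if the user accepted a first-seen key, 'match' if it equals the stored pin."""
    fp = spki_fingerprint(cert_der)
    known = store.get(host)
    if known is None:
        if not accept_new(host, fp):        # the SSH-style "accept this fingerprint?" prompt
            raise PinMismatch(f"{host}: key {fp} rejected by user")
        store[host] = fp
        return "new"
    if known != fp:
        raise PinMismatch(f"{host}: key changed, expected {known} got {fp}")
    return "match"

def connect_pinned(store: Dict[str, str], host: str, port: int,
                   accept_new: Callable[[str, str], bool]) -> str:
    """Live check; getpeercert(binary_form=True) plays the role of SSL_get_peer_certificate()."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False              # must be cleared before setting CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE         # chain validation is replaced by the pin check
    with socket.create_connection((host, port)) as raw, \
            ctx.wrap_socket(raw, server_hostname=host) as tls:
        return check_pin(store, host, tls.getpeercert(binary_form=True), accept_new)


# Constructed test data: unsigned certificate skeletons, not real keys or certificates.
def _tlv(tag: int, value: bytes) -> bytes:
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value

def rsa_spki(key_bytes: bytes) -> bytes:
    """SPKI { rsaEncryption, NULL } around made-up key bytes (constructed sample)."""
    alg = _tlv(0x30, _tlv(0x06, bytes.fromhex("2a864886f70d010101")) + _tlv(0x05, b""))
    return _tlv(0x30, alg + _tlv(0x03, b"\x00" + key_bytes))

def make_fake_cert(spki: bytes, serial: int) -> bytes:
    """Structurally valid v3 certificate with an all-zero signature; no verifier would accept it."""
    alg = _tlv(0x30, _tlv(0x06, bytes.fromhex("2a864886f70d01010b")))   # sha256WithRSAEncryption
    name = _tlv(0x30, b"")                                              # empty Name
    validity = _tlv(0x30, _tlv(0x17, b"240101000000Z") + _tlv(0x17, b"250101000000Z"))
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, bytes([serial]))
               + alg + name + validity + name + spki)
    return _tlv(0x30, tbs + alg + _tlv(0x03, bytes(17)))

def demo() -> Tuple[str, str, bool]:
    """First visit pins; a re-issued cert with the same key matches; a changed key is refused."""
    store: Dict[str, str] = {}
    key_a, key_b = rsa_spki(bytes(range(1, 33))), rsa_spki(bytes(range(33, 65)))
    first = check_pin(store, "example.test", make_fake_cert(key_a, 1), lambda h, fp: True)
    second = check_pin(store, "example.test", make_fake_cert(key_a, 2), lambda h, fp: True)
    try:
        check_pin(store, "example.test", make_fake_cert(key_b, 3), lambda h, fp: True)
        refused = False
    except PinMismatch:
        refused = True
    return first, second, refused
```

`demo()` returns `('new', 'match', True)`: the second certificate has a new serial number but the same key, so it still matches the pin, while the third carries a different key and is refused without prompting. Pinning the SPKI rather than a digest of the whole certificate is what makes the renewal case work; pinning the full certificate would force the user to re-accept on every re-issue, which trains them to click through exactly the prompt that should stop an impostor.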