SSL authentication
To make an environment secure, you must be sure that any communication is with trusted sites whose identity you can be sure of. SSL uses certificates for authentication; these are digitally signed documents which bind the public key to the identity of the private key owner.
Authentication happens at connection time, and is independent of the application or the application protocol. Authentication involves making sure that sites with which you communicate are who they claim to be. With SSL, authentication is performed by an exchange of certificates, which are blocks of data in a format described in ITU-T standard X.509. The X.509 certificates are issued and digitally signed by an external authority known as a certificate authority.
A certificate contains:
- Two distinguished names, which uniquely identify the issuer (the certificate authority that issued the certificate) and the subject (the individual or organization to whom the certificate was issued). The distinguished names contain several optional components:
  - Common name
  - Organizational unit
  - Organization
  - Locality
  - State or Province
  - Country
- A digital signature. The signature is created by the certificate authority using the public-key encryption technique:
  - A secure hashing algorithm is used to create a digest of the certificate's contents.
  - The digest is encrypted with the certificate authority's private key.

  The receiver checks the signature as follows:
  - The signature is decrypted with the certificate authority's public key.
  - A new digest of the certificate's contents is made, and compared with the decrypted signature. Any discrepancy indicates that the certificate may have been altered.
- The subject's domain name. The receiver compares this with the actual sender of the certificate.
- The subject's public key.
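The signing and checking steps listed above, together with the domain name comparison, as an added example that is not part of the original page. It assumes textbook RSA with no padding and a simple text encoding of the certificate fields (real certificates use DER encoding and a padded signature scheme); the key, the field names and all sample values are constructed for illustration.

```python
import hashlib

# Constructed demonstration key for a hypothetical CA. The primes are the
# well-known Mersenne primes 2^521-1 and 2^607-1: fine for showing the
# arithmetic (textbook RSA, no padding), useless as a real key.
P, Q = 2**521 - 1, 2**607 - 1
CA_N = P * Q                                 # public modulus
CA_E = 65537                                 # public exponent
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))      # private exponent


def encode(cert):
    """Serialize the certificate fields deterministically (stand-in for DER)."""
    return "\n".join(f"{k}={cert[k]}" for k in sorted(cert)).encode()


def digest(cert):
    """Hash the certificate contents and return the digest as an integer."""
    return int.from_bytes(hashlib.sha256(encode(cert)).digest(), "big")


def ca_sign(cert):
    """CA side: encrypt the digest with the CA's private key."""
    return pow(digest(cert), CA_D, CA_N)


def verify(cert, signature, peer_name):
    """Receiver side: returns (ok, reason)."""
    # Decrypt the signature with the CA's public key, compare to a new digest.
    if pow(signature, CA_E, CA_N) != digest(cert):
        return False, "signature mismatch: certificate may have been altered"
    # Compare the subject's domain name with the actual sender.
    if cert["domain"].lower() != peer_name.lower():
        return False, "domain name does not match the sender"
    return True, "ok"


# Constructed sample certificate (all values are placeholders).
CERT = {
    "issuer": "CN=Example CA,O=Example Org,C=US",
    "subject": "CN=www.example.com,OU=Web,O=Example Org,C=US",
    "domain": "www.example.com",
    "public_key": "placeholder-subject-public-key",
}
SIG = ca_sign(CERT)

if __name__ == "__main__":
    print(verify(CERT, SIG, "www.example.com"))
    print(verify(dict(CERT, public_key="substituted-key"), SIG, "www.example.com"))
    print(verify(CERT, SIG, "other.example.com"))
```

Changing any field after signing, including the public key, changes the digest, so the check fails without the receiver needing to know which field was altered.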
Certificates are used to authenticate clients to servers, and servers to clients; the mechanism used is essentially the same in both cases. However, the server certificate is mandatory - that is, the server must send its certificate to the client - but the client certificate is optional: some clients may not support client certificates; others may not have certificates installed. Servers can decide whether to require client authentication for a connection.