[cryptography] Client TLS Certificates - why not?

Martin Paljak martin at martinpaljak.net
Tue Mar 5 09:18:07 EST 2013

On Tue, Mar 5, 2013 at 2:08 PM, ianG <iang at iang.org> wrote:
> This whole argument that certs aren't portable across devices is something
> of a strawman.  Companies deploy SSL certs across accelerators all the time,
> so why not client certs?  The reason is the assumptions that are designed to
> stop you doing that.  Get rid of those assumptions, and client certs work.

 - Distributing (encryption) keys securely is not that easy to
accomplish (end-users can screw it up more than a security officer
when initializing modules)
 - There's no goldmine business model in client-side *encryption* to
motivate making it easier: there's no legislation that requires it (a
driving factor behind the business sector) or wide-spread use case
that would mitigate a costly risk for "server-side business" runners
(another factor)
 - When you care about encryption (read: forbidding easy decryption)
you can often forget certificates, because you don't care about
*certificates* but keys (you just need certificates because some
software that makes encryption uses certificates to carry public key

> Smart cards and USB-format PKI are a dead loss.  They are unworkable as a
> tech, 20 years of experiments have shown this beyond a shadow of a doubt.
> If there is any future in smart cards or any other form of fantasy token, it
> will come via its humbler cousin, the cert stored in the browser or the
> software app.  Later on, once that has proved the model, it might be
> possible to pay the huge cost of smart card deployment.
> Yes, I agree that browsers don't really support client certs.  Reasons are
> the same old same old.

I think there's more to smart cards than to USB. "Universal chips" are
here to stay for a while. USB is not that universal.

So here's 10 years of practice of trying to use a *smart card* in real
life, broken down into platforms and browsers, and having two uses for
client certificates: SSL/TLS *and* additional "stuff that needs
plugins to work":

- you always need a bunch of semi-proprietary software to make things work
- Windows has been relatively OK, when IE is used. Things have gone
better with BaseCSP.
- Opera doesn't give a ***** about smart cards.
- Firefox has lost the game, PKCS#11 on Windows is nineties.
- Chrome may be evil but it works, quite often
- Mac OS X and Chrome worked until 10.6 or so. 10.6, 10.7 and 10.8 do
the "tablet thing" and "apple thing" and have deprecated/obsoleted
most of the software needed to work with smart cards "the apple way".
Things have been stagnated in Mac OS X world for years.
- Firefox and PKCS#11 suck the same way as as it does on other platforms.
- Chrome made things right, meaning that ThingsJustWorkedMagically for
a while on OS X.
- Safari works... To some extent, obviously not a priority for the producer.
- Linux.... Is Linux. Many options to choose from, possible to make
things work, possible to spend hours trying to get thing to work.

TLS is plumbing, and for pluming to work well, it should go to the
same place where other plumbing (like sockets) are done: the question
is not in the browsers but in platforms (operating systems).

At least for smart cards. It works well if the platform provides means
for working with them and if the browser makes use of the provided
capabilities. Thats why MS/IE, MS/Chrome, OSX/Chrome work pretty well.

As soon as you have more than one certificate from the same provider,
for different purposes.. things get hairy for the browser and also the

All-in-all, it works in smaller scales (a country of 1.3M) and with
constant fighting with breaking updates from all fronts (platforms,
libraries, applications etc).


More information about the cryptography mailing list