and not a single Tor hacker was surprised...

Tom Ritter tom at ritter.vg
Wed Jan 22 21:47:48 PST 2014


On Jan 23, 2014 6:13 AM, "rysiek" <rysiek at hackerspace.pl> wrote:
> About this. Is there a way to serve 2 (or more) certificates for a given HTTPS
> server/domain? What I would like to have is a way to:
>  - serve a proper, vanilla SSL certificate bought from some provider for the
>    general public accessing my service;
>  - serve a different cert (for example, using MonkeySphere) for those that do
>    not trust (and with good reasons) major CA's.
>
> This would have to work for the *same* domain on the *same* webserver. I
> haven't yet seen a way to do this, so this might need implementing, but maybe
> somebody here has heard about something along these lines?

There are a lot of things like this, but the big question is: how does the
user indicate to you which cert they want?

If it was via pubca.x.com or privca.x.com - that's easy just put the
different certs in the different sites.

But otherwise, you have to rely on quirks.

TLS allows you to send different certs to different users, but this is
based off the handshake and is for algorithm agility - not cert chaining.
E.g. I send ECDSA signed certs if I know you can handle them, and RSA if not.

You can also send two leaf certs, two cert chains, a cert and garbage, a
cert and a stego message - whatever. This is the closest to what you want,
but this is undefined behavior. Browsers may build a valid chain off the
public CA, and monkeysphere off the private*, and it works perfectly... Or the
browser may pop an invalid cert warning. It's undefined behavior. You'll
have to test, see what happens, and hope Chrome doesn't break when it
updates every week.

-tom

* I realize monkey sphere doesn't use a private CA, just using it as an
example.
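Added illustration (not part of Tom's or rysiek's messages): the two signals a server actually has for picking a certificate are both carried in the ClientHello. The SNI extension is what makes the "pubca.x.com / privca.x.com" split work, and the signature_algorithms extension is what the "ECDSA if you can handle it, RSA if not" agility keys off. The script below builds a minimal TLS 1.2 ClientHello, parses those two extensions back out, and applies that selection order. The hostnames and chain identifiers are placeholders I made up; a real server would load PEM chains here (e.g. nginx's per-server_name certificate directives, or Python's ssl.SSLContext.sni_callback). The extension and signature-scheme code points are the real ones from RFC 6066 and RFC 8446.

```python
import struct

# Real TLS code points (RFC 6066 extension types, RFC 8446 signature schemes).
EXT_SERVER_NAME = 0x0000
EXT_SIGNATURE_ALGORITHMS = 0x000D
ECDSA_SECP256R1_SHA256 = 0x0403
RSA_PKCS1_SHA256 = 0x0401

# Hypothetical chain table: hostnames and chain labels are assumptions for the
# example, not anything from the thread. A real server maps these to PEM files.
CHAINS_BY_NAME = {
    "pubca.example.net": "public-ca-chain",
    "privca.example.net": "monkeysphere-chain",
}
DEFAULT_CHAINS = {"ecdsa": "public-ca-ecdsa-chain", "rsa": "public-ca-rsa-chain"}


def build_client_hello(sni=None, sig_algs=()):
    """Return a TLS record carrying a minimal ClientHello (constructed input)."""
    exts = b""
    if sni is not None:
        name = sni.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(name)) + name   # name_type 0 = host_name
        body = struct.pack("!H", len(entry)) + entry
        exts += struct.pack("!HH", EXT_SERVER_NAME, len(body)) + body
    if sig_algs:
        algs = b"".join(struct.pack("!H", a) for a in sig_algs)
        body = struct.pack("!H", len(algs)) + algs
        exts += struct.pack("!HH", EXT_SIGNATURE_ALGORITHMS, len(body)) + body
    hello = (
        b"\x03\x03"                                # client_version: TLS 1.2
        + bytes(32)                                # random (all zero: test input only)
        + b"\x00"                                  # empty session_id
        + struct.pack("!H", 2) + b"\xc0\x2f"       # one cipher suite
        + b"\x01\x00"                              # compression_methods: null
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + struct.pack("!I", len(hello))[1:] + hello   # 3-byte length
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Extract the SNI host name and offered signature algorithms from a ClientHello."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                   # skip client_version and random
    pos += 1 + body[pos]                           # session_id
    pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # cipher_suites
    pos += 1 + body[pos]                           # compression_methods
    result = {"sni": None, "sig_algs": []}
    if pos >= len(body):
        return result                              # legal: no extensions block at all
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        edata = body[pos:pos + elen]
        pos += elen
        if etype == EXT_SERVER_NAME:
            list_len = struct.unpack("!H", edata[:2])[0]
            p = 2
            while p + 3 <= 2 + list_len:
                ntype = edata[p]
                nlen = struct.unpack("!H", edata[p + 1:p + 3])[0]
                p += 3
                if ntype == 0 and result["sni"] is None:
                    result["sni"] = edata[p:p + nlen].decode("ascii")
                p += nlen
        elif etype == EXT_SIGNATURE_ALGORITHMS:
            n = struct.unpack("!H", edata[:2])[0]
            result["sig_algs"] = [
                struct.unpack("!H", edata[2 + i:4 + i])[0] for i in range(0, n, 2)
            ]
    return result


def select_chain(record):
    """Pick a chain label: SNI decides the site, then signature_algorithms
    decides ECDSA vs RSA within a site. No SNI and no ECDSA means RSA."""
    hello = parse_client_hello(record)
    if hello["sni"] in CHAINS_BY_NAME:
        return CHAINS_BY_NAME[hello["sni"]]
    if ECDSA_SECP256R1_SHA256 in hello["sig_algs"]:
        return DEFAULT_CHAINS["ecdsa"]
    return DEFAULT_CHAINS["rsa"]
```

Note what is absent: nothing in the ClientHello says "I trust Monkeysphere rather than the public CAs", which is Tom's point. The only way to express that choice in the handshake is a different name (SNI), and anything else means guessing from quirks.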