
I have implemented an STS that allows clients to authenticate using X509 certificates. WIF (now built into .NET 4.5) has an X509SecurityToken class that seems to work perfectly for this scenario. In my case, I would also like to pass an ActAs token, but it seems to me that while ActAs tokens are validated (by a different collection of token handlers), for the X509SecurityToken, this validation does NOT prove that the caller possesses the private key, as it does when the token is used as the message credential.

Is there any way around this? How can I require the ActAs token to prove it has the private key?

Mark
  • Agree it would not be a good idea to use the public key for authentication. What if the token was signed with the private key? – paparazzo Nov 05 '13 at 18:34
  • @Blam: sounds good, but `X509SecurityToken` doesn't seem to support that? – Mark Nov 05 '13 at 18:37
  • I am not familiar with X509SecurityToken but that is generally how PKI works. There has to be something in Security that does this. – paparazzo Nov 05 '13 at 18:46
  • @Blam: I agree, but it's certainly not obvious, and the documentation makes no reference to it. – Mark Nov 05 '13 at 18:54
  • To answer purpose of X509 certificate. If the chain was signed by like Go Daddy you know that at least Go Daddy believes you are who you say you are and to extract the public key. – paparazzo Nov 05 '13 at 21:13
  • Blam: no, it means that I know that GoDaddy believes that whoever they issued the certificate to is who they claimed to be, but I have no way of knowing that the certificate was issued to my caller, because I have no proof that my caller has the private key... – Mark Nov 06 '13 at 15:50
  • You need to learn PKI. http://msdn.microsoft.com/en-us/library/windows/desktop/aa388452(v=vs.85).aspx As for the question on use of X509Security it is very clear in the link in your question. An X509SecurityToken can be used to sign, encrypt, and pass security credentials in a SOAP message. – paparazzo Nov 06 '13 at 16:39
  • I understand PKI. In this case, however, nothing seems to be signed or encrypted. – Mark Nov 07 '13 at 17:28
  • Clearly you don't understand PKI. Nothing is signed nor encrypted because you have not signed nor encrypted anything. What part of "An X509SecurityToken can be used to sign, encrypt, and pass security credentials in a SOAP message" is not clear? Did you sign or encrypt a SOAP message? – paparazzo Nov 07 '13 at 19:55
  • You've failed to understand my question. I know what a certificate can be used for, that's NOT the question. – Mark Nov 07 '13 at 21:04
  • The stated question is "What would X509SecurityToken be used for?" It is the only ? mark. And the answer is in the link "An X509SecurityToken can be used to sign, encrypt, and pass security credentials in a SOAP message." What in the world leads you to believe that X509SecurityToken is the perfect tool to sign an X509 certificate when nothing in the documentation indicates the purpose of a X509SecurityToken is to sign an X509 certificate. – paparazzo Nov 07 '13 at 21:17
  • Actually, the first question mark is the important one (the one you quoted is the second, and that question is prefixed with an "if not,"): *In other words, anyone with the public certificate can use it to authenticate to the service. Is there any way around this?* – Mark Nov 07 '13 at 21:48
  • Other than you I suspect no other service would authenticate based on the holder of publicly available data. – paparazzo Nov 07 '13 at 22:09
  • Exactly, which makes me wonder why there's a `ChannelFactory.Credentials.ClientCertificate.SetCertificate()` method, if there's no proof that the client holds the private key. – Mark Nov 07 '13 at 22:24
  • You were able to SetCertificate to a X509 certificate that you did not have the private key and still apply message or transport security? – paparazzo Nov 08 '13 at 13:21
  • Well, in fact, no, and now I think I know where the disconnect is. I'll update the question. – Mark Nov 09 '13 at 06:50

1 Answer


Presenting a public key or X509 certificate does not prove I am the holder of the private key.
That is not the purpose.

But a signed certificate also does not prove I am the holder of the private key.

If I send you an autographed picture of George W and you verify the signature is authentic and the picture is George W does that prove I am George W?

The way you verify I am George W is you send me a random challenge (in the old days it was called a nonce) and I sign it with my private key.
You then verify the signature using the public key (via the x509 certificate).
The purpose of the certificate is to identify the entity with the certificate not the holder of the private key.
And it really does not verify I am George W.
It just verifies that at the point in time I have the private key.

Really, if authentication was based on a signed certificate then you could authenticate with any server that authenticated with the misguided assumption that a signed certificate proved I was the holder of the private key.

Your confusion is not limited to PKI but security in general.
To encrypt a channel the encryption key is changed every x period of time.

paparazzo
    For the record, I'm not the one that downvoted your answer. I really do understand how PKI works, but I don't think you understand how WS-Security works, especially in the context of X509 security tokens. In WS-Security, the server doesn't send a random challenge to be signed by the client (over HTTP, the client talks first), but the client DOES need to sign something to prove they have the private key. I believe this goes in a proof key? Either way, it doesn't seem like you know. – Mark Nov 07 '13 at 22:19
  • @Mark Did I pretend to know the inner workings? I do know the answer to a repeated question means I know the answer but not necessarily how to answer. What is the problem you are really trying to solve? Why not use WSE? STS is old. – paparazzo Nov 07 '13 at 22:27
  • WSE? As in, Web Services Extensions? Which was most recently released in 2005? Do you even know what an STS (Security Token Service) is? – Mark Nov 07 '13 at 22:57
  • For the 3rd time. Per the documentation a X509SecurityToken is used to sign, encrypt, and pass security credentials in a SOAP message. If the documentation is not correct take it up with Microsoft. http://msdn.microsoft.com/en-us/library/microsoft.web.services2.security.tokens.x509securitytoken.aspx – paparazzo Nov 08 '13 at 00:26
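The two checks the answer contrasts, as an added example that is not part of the original question, answer or comments and is not WIF/.NET code: a Go program using only the standard library. Chain validation alone, which is what validating a bare X.509 token amounts to, accepts anyone who merely holds the public certificate. A signature over a server-chosen random challenge, verified with the public key carried inside that certificate, accepts only the private-key holder, and a captured signature does not survive the next challenge. The CA, client key and impostor key are all generated in-process (constructed for the demo), and the names genKey, newCert, verifyChain, verifyPossession, Outcome and RunScenario are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// genKey makes a fresh P-256 key pair; every key in this demo is generated in-process.
func genKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err) // no entropy: nothing sensible to do in a demo
	}
	return k
}

// newCert issues a certificate for pub signed by signer; parent == nil makes a self-signed CA.
func newCert(cn string, pub *ecdsa.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // demo-only serial; a real CA tracks these
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature, BasicConstraintsValid: true,
	}
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, tmpl.KeyUsage|x509.KeyUsageCertSign
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verifyChain is all that validating a bare certificate token proves: the CA issued
// this certificate. Anyone who merely holds the public certificate passes it.
func verifyChain(leaf, ca *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}

// verifyPossession is the server's check: chain validation plus a signature over the
// server's own nonce, verified with the public key carried inside the certificate.
func verifyPossession(leaf, ca *x509.Certificate, nonce, sig []byte) error {
	if err := verifyChain(leaf, ca); err != nil {
		return err
	}
	return leaf.CheckSignature(x509.ECDSAWithSHA256, nonce, sig)
}

// Outcome records what each check accepted or rejected.
type Outcome struct {
	ChainOnlyAcceptsImpostor  bool // public certificate alone passes chain validation
	PossessionAcceptsOwner    bool // real key holder passes challenge-response
	PossessionRejectsImpostor bool // same certificate, different private key: rejected
	ReplayRejected            bool // captured signature against the next challenge: rejected
}

// RunScenario builds a CA, a client certificate, and an impostor who holds only the
// client's public certificate, then runs both kinds of check against each party.
func RunScenario() (Outcome, error) {
	var out Outcome
	caKey, ownerKey, impostorKey := genKey(), genKey(), genKey()
	caCert, err := newCert("Demo CA", &caKey.PublicKey, nil, caKey)
	if err != nil {
		return out, err
	}
	ownerCert, err := newCert("client", &ownerKey.PublicKey, caCert, caKey)
	if err != nil {
		return out, err
	}
	// 1. Chain validation alone: the impostor presents ownerCert and is accepted.
	out.ChainOnlyAcceptsImpostor = verifyChain(ownerCert, caCert) == nil
	// 2. Challenge-response: the server sends a fresh random nonce, the client signs it.
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return out, err
	}
	digest := sha256.Sum256(nonce)
	ownerSig, _ := ecdsa.SignASN1(rand.Reader, ownerKey, digest[:])       // genuine holder (fails only without entropy)
	impostorSig, _ := ecdsa.SignASN1(rand.Reader, impostorKey, digest[:]) // has ownerCert, not ownerKey
	out.PossessionAcceptsOwner = verifyPossession(ownerCert, caCert, nonce, ownerSig) == nil
	out.PossessionRejectsImpostor = verifyPossession(ownerCert, caCert, nonce, impostorSig) != nil
	// 3. Replay: the server's next challenge differs, so the captured ownerSig no longer verifies.
	nonce[0] ^= 0xff
	out.ReplayRejected = verifyPossession(ownerCert, caCert, nonce, ownerSig) != nil
	return out, nil
}

func main() {
	fmt.Println(RunScenario())
}
```

Running it prints an Outcome with all four fields true: the certificate chain check is satisfied by public data, and only the signature over the server's own nonce ties the caller to the private key. In the WS-Security flow discussed in the comments the thing signed is the message rather than a separately issued challenge, but the property being checked is the same one.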