In the consumerism era we are living in today, where we often have better computer equipment at home than in the office, remote access is an increasingly popular scenario. There are also businesses that chose to protect their customer-facing services with SSL client authentication. The approach exhibits clear advantages over passwords, especially for activities involving high-value transactions. For example, a home-banking application protected by a client certificate is not susceptible to phishing as we know it today. The entire authentication operation is based on asymmetric cryptography; there is no shared secret between the bank and its customer, and hence there is nothing for a phishing attack to acquire and reuse. Those advantages, however, come at a very high price for the brave bank that decides to implement such a scheme.

Figure 1-15 HTTPS client authentication steps (diagram labels: Browser, Certificate Store, Select Certificate, Choose One Certificate, Subject, Random Data; steps 1 to 4)

HTTPS client certificate authentication does not work very well with customers because of the difficulties of distributing and maintaining certificates on unmanaged machines

The Babel of Cryptography 65