Can an eavesdropper detect the use of a TLS client-side certificate?

Question

Basically what the above says, assuming the eavesdropper must be completely passive, and cannot connect to the server to check if the server requires a client certificate.

score 7 · Answer 1 · answered Aug 11 '15 at 07:09

Yes, the client certificate is sent in the clear if the server sent a certificate request.

Some servers (IIRC, Microsoft IIS) first perform handshake with no user authentication and then start a renegotiation asking for client certificate. The renegotiation is thus encrypted using the cipher suite negotiated in step 1 and the client certificate is encrypted on the wire.

If in doubt, use wireshark.

score 4 · Accepted Answer · edited Mar 17 '17 at 10:46

4

TLS handshake protocol in brief:

All the exchange you see before the step 9 (including the certificate exchange) is vulnerable because only after it the channel is secured.

P.S. You may be interested in reading this.

edited Mar 17 '17 at 10:46

Community

1

answered Aug 11 '15 at 07:32

Can an eavesdropper detect the use of a TLS client-side certificate?

2 Answers2

Linked